JavaScript sniffers - specialized malware that skims credit card information and other data from online shopping - are becoming far more prevalent, with several cybercriminal groups using the malware to target victims all over the world, a new analysis by security firm Group-IB finds.
After months of review, a Georgia-based healthcare system has determined that a cyberattack last year exposed the protected health information of more than 278,000 individuals. Meanwhile, federal regulators have issued an alert about advanced persistent threats.
Ex-black hat Alissa Knight recently joined Aite Group's new cybersecurity practice, and among her first tasks: a hard look at the security of major financial institutions' mobile banking apps. The results may surprise you.
Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
Security researcher Zammis Clark, who pleaded guilty to hacking Microsoft - with an accomplice - and later Nintendo, as well as stealing data and uploading malware to Microsoft's network, has received a suspended sentence.
Do real-time payments inevitably lead to real-time fraud? Debra Geister of NICE Actimize describes some of the fraud challenges of moving to faster payments.
Arrests made last week by European, U.S. and other law enforcement agencies appear to have led to the closure of the "Dream Market" dark web site, which, in turn, disrupted certain ransomware attacks, according to an analysis by incident response firm Coveware.
Toyota Motor Corp. has reported its second data breach in the past five weeks. The latest incident, revealed Friday, may have exposed data on as many as 3.1 million customers.
What are the most common causes of major health data breaches that have been added to the official federal tally so far this year? Read this analysis to find out the details.
Malicious bot attacks now account for nearly one-third of all internet traffic, says Franklyn Jones of Cequence, who describes why conventional tools for fighting against these attacks are ineffective.
Microsoft is using its legal muscle to push back against an advanced persistent threat group that is says is "widely associated with Iranian hackers." Following court approval, it is taking control of 99 website domains allegedly used by the attackers as part of an ongoing spear-phishing campaign.
Distinguishing nation-state attacks from organized crime continues to grow more difficult because some attackers wear both hats, a Europol official reports. Further complicating the picture: Young attackers enjoy access to ever-more sophisticated and inexpensive tools and services.
If you run a Magento-powered e-commerce site, it's time to patch again. E-commerce sites continued to be targeted by cybercriminals seeking to steal payment card data, and experts recommend moving quickly to plug the most critical flaw, a SQL injection vulnerability.
Multi-stage attacks use diverse and distributed methods to circumvent existing defenses and evade detection - spanning endpoints, networks, email and other vectors in an attempt to land and expand. Meanwhile, individual tools including DLP, EDR, CASBs, email security and advanced threat protection are only designed to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.