A Nigerian national has been sentenced to 10 years in prison after pleading guilty to taking part in a business email compromise operation that extorted $11 million from its victims, according to the U.S. Department of Justice.
Siemens has mitigated 21 vulnerabilities in two of its virtualization software tools that, if exploited, could enable attackers to gain remote control, exfiltrate data or cause systems to crash. It's urging customers to shift to updated versions of the software that fix the flaws.
Flavio Aggio, CISO of the World Health Organization, has had a long career across many sectors. He understands supply chain risk, and he sees the SolarWinds hack as "resumption of a very old attack - in new packaging." He offers insights on mitigating this and other cybersecurity risks.
Did Russia pass a tough new cryptocurrency law to help authorities recruit or compel criminal hackers to assist the government? That's the thesis of a new report, which notes that the new regulation includes a host of provisions designed to unmask cryptocurrency users' transactions - or else.
The U.S. federal government is increasingly using IoT devices across its agencies, which has raised concerns about security. NIST has published draft guidance to help federal agencies navigate safe IoT deployment and use, says Kat Megas, program manager in NIST's Cybersecurity for IoT Program.
An organization that administers a children’s dental and health insurance program in Florida took down its online application platform after it discovered the company that hosted its website apparently failed to address vulnerabilities over a seven-year period, resulting in the exposure of personal data.
Ransomware attacks continue to pummel organizations, but fewer victims have been paying a ransom, and when they do, on average they're paying less than before, says ransomware incident response firm Coveware, which traces the decline to attackers failing to honor their data deletion promises.
A recently discovered 10-year-old bug, if exploited, could give hackers root access to vulnerable Linux and Unix operating systems, according to Qualys. Security experts are urging users to immediately implement a patch to mitigate the risk.
Manufacturing System Protection from Cyber Attacks Industry 4.0 drives manufacturing efficiency by connecting systems to automate, share data, consolidate operations, and streamline production.
Researchers at the security firm Proofpoint are tracking several fraud schemes leveraging COVID-19 vaccine-themed emails. The schemes include business email compromise scams, messages with malicious attachments and phishing emails designed to harvest credentials.
Email security provider Mimecast says hackers compromised a digital certificate that encrypts data that moves between several of its products and Microsoft's servers, putting organizations at risk of data loss.
Google's Project Zero security team is describing its discovery last year of a complex "watering hole" operation that used four zero-day exploits to target Windows and Android mobile devices.
The U.S. federal court system is investigating an "apparent compromise" of a confidential electronic filing system used for sensitive legal documents. Meanwhile, it has suspended its use of the hacked SolarWinds' Orion system and changed document security procedures while conducting an audit.
The FBI is warning of a rise in "swatting attacks," which see hackers use compromised email accounts to access poorly-secured home smart devices that are equipped with cameras and voice capabilities to make hoax calls to emergency services.
A previously documented cryptomining worm dubbed Gitpaste-12 has returned with a wide-ranging series of attacks targeting web applications and IoT devices that exploit at least 31 vulnerabilities, according to Juniper Threat Labs.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.