Breaches in the healthcare sector are continuing to surge, in part, because cybercriminals are building big data resources that can be used to fuel fraud, security experts Larry Ponemon and Rick Kam say in an audio interview discussing findings of a new Ponemon Institute report.
Close on the heels of the QNB leak, the same attackers have published data that appears to be from UAE-based InvestBank. The dump appears to contain payment card data, as well as a large number of sensitive, internal files relating to the bank's employees and systems.
Establishing new laws and regulations to address privacy and cybersecurity concerns related to the Internet of Things would likely be ineffective, attorney Steven Teppler, who co-chairs an American Bar Association IoT committee, says in an audio interview.
"Internet of Things" developers must think about how attackers might attempt to exploit a device, and why, and then write code designed to block such attacks, says Charles Henderson, IBM's global head of security testing and threats.
The massive "Panama Papers" data leak apparently was enabled by a law firm failing to have the right information security defenses in place. The breach calls attention to the need for all organizations to encrypt sensitive data, use access controls as well as monitor access patterns for signs of data exfiltration.
Revelation of 321 attempts to place ransomware on federal government computers in the second half of last year raises a number of questions about the effectiveness of the Einstein intrusion detection and prevention system as well as how the government responds to such attacks.
A new alert from the Department of Homeland Security regarding more than 1,400 software vulnerabilities in an older line of systems used to dispense medical supplies at hospitals spotlights the challenges involved in securing legacy equipment, including medical devices.
MedStar is but the latest healthcare entity to fall victim to a ransomware attack. What can organizations do proactively to improve their ransomware defenses and response? PhishMe CEO Rohyt Belani offers insight.
Ransomware is such a serious cybersecurity concern that the FBI has issued new guidance and yet another alert about the threat. Nevertheless, experts say too many organizations are still unaware of the risk, muchless how to mitigate it.
Tools and techniques need to be identified to aid law enforcement in gathering evidence from devices, such as smartphones, while safeguarding the security and privacy of individuals. Can stakeholders find that middle ground?
In the world of the extended enterprise, everybody seeks greater visibility into network activity. But Gidi Cohen was there in 2002, founding Skybox Security to provide analytics to improve cybersecurity. Cohen discusses the evolution of visibility.
Because of growing cybersecurity concerns, CISOs in the financial sector finally are getting more time with their boards of directors and more direct interaction with senior executives, says John Carlson, chief of staff at the Financial Services Information Sharing and Analysis Center.
Spear phishing, well-crafted socially engineered wire-transfer schemes and mobile-app overlay attacks will continue to escalate, which is why anti-phishing education is becoming increasingly critical, Dave Jevans of the Anti-Phishing Working Group says in this video interview.
More cybercriminals are adapting their attack techniques, using compromised credentials linked to privileged accounts to invade networks and systems, according to researchers at Dell SecureWorks, who describe an open source solution that can help mitigate the threat.
It's springtime in San Francisco: cue the annual RSA Conference. Here are some notable trends that have already emerged from the event, ranging from ransomware and phishing attacks to hacker self-promotion and Facebook fakery.