The Equation Group leak revealed a zero-day flaw in Cisco's firewall software - a patch is being prepped - as well as a vulnerability in Fortinet's software that's since been patched. Has the U.S. government long known about the flaws?
SWIFT screwed up. That's the takeaway from a new report into the Brussels-based cooperative, which alleges that the organization overlooked serious concerns relating to smaller banks' security and the risks they posed to the health of its entire network.
An unparalleled mystery has piqued the security community's curiosity. A group calling itself the "Shadow Brokers" claims to have stolen code and exploits from the Equation Group, a nation-state spying group suspected to be affiliated with the NSA.
Business email compromise scams have caused billions in losses. An inside look at one Nigeria-based group shows a surprising profile of the threat actors.
While hackers and ransomware attacks have been hogging the spotlight lately, regulators are warning healthcare entities and their business associates not to underestimate the serious security and privacy threats that insiders can pose.
CISOs must be empowered to define the security architecture for smart cities. How? By securing endpoints of known and unknown device categories in the network, says David Dufour, head of security architecture for smart cities at Webroot.
Neither ransomware nor social engineering is new, but both are more advanced and effective than ever. How can organizations improve how they detect and respond to the latest threats? James Lyne of Sophos shares insight and advice.
In the wake of the Hillary Clinton email controversy, organizations need to be more aware of the risks of unsanctioned "shadow IT" and take appropriate mitigation steps, says security expert Mac McMillan.
Google Project Zero researcher Tavis Ormandy has once again found major vulnerabilities in Symantec's security products. Symantec has released updates, but not all will install automatically - some vulnerable products must be manually updated.
In a video interview, FBI supervisory special agent Dan Wierzbicki says the bureau wants to work with businesses to improve the information in its cybersecurity alerts as well as to identify threats sooner.
As many as 250,000 credentials for Remote Desktop Protocol servers around the world may have been offered for sale on the now-shuttered xDedic cybercrime marketplace. So what can organizations do to mitigate related risks and avoid a major network intrusion?
Kaspersky Lab says that its original estimate of how many remote desktop protocol server credentials were offered for sale in the now shuttered online cybercrime marketplace xDedic may have been far too low, based on new data coming to light.
There is no such thing as "security by obscurity." Attackers can hack what they can't see. This means organizations must reimagine the fundamentals of API creation, says Jaime Ryan of CA Technologies.
In this edition of the ISMG Security Report, you'll hear our editors explore how hackers use Java script for ransomware, the latest digital currency security issue and privacy threats posed by virtual reality.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.