Owners of Western Digital My Book Live devices have seen their data remotely wiped by attackers targeting a flaw first detailed in 2019. But WD stopped supporting these devices in 2015, which is a reminder that the best way to secure some types of internet of things devices may be to discard them.
The global law enforcement "Anom" honeypot operation racked up impressive statistics for the number of criminals tricked into using the encrypted communications service. Psychology was at play: Officials say users flocked to the service after they disrupted rivals EncroChat and Sky Global.
Based on Russian-language cybercrime chatter, "fear" likely drove the lucrative Avaddon ransomware-as-a-service operation to announce its retirement as the U.S. exerts increasing diplomatic pressure on Moscow to disrupt such activity, experts say. But are criminals simply laying low until the heat dies down?
Ransomware attacks are stuck on repeat: Criminal syndicates have found an extremely profitable business model, and they're milking it for all it's worth. So give the city of Tulsa, Oklahoma, credit for having in place robust disaster recovery capabilities and vowing to remediate, rather than pay criminals.
Only 13% of cybersecurity professionals had a cybersecurity education before getting into the sector, (ISC)2 reports, pointing to the need for extensive on-the-job training.
Law enforcement agencies use forensics tools from Israeli company Cellebrite to gain access to locked mobile devices and extract data. But the creator of encrypted messaging app Signal says he's found vulnerabilities in Cellebrite's tools, raising questions about whether the extracted data can be trusted.
CIO. Consulting CISO. Mentor. Activist on behalf of recruiting more women for cybersecurity and leadership. Jo Stewart-Rattray has filled many roles, and she has great insights to share with those who are starting or changing careers.
Less than a year ago, Ariel Weintraub was dabbling in data science as head of security operations and engineering at MassMutual, working under CISO Jim Routh. Now she’s replaced Routh as the new head of enterprise cybersecurity - and she welcomes the challenge.
Anyone wanting to invent a system designed to stoke widespread abuse by fraudsters would be hard-pressed to best the non-fungible token. Because they get bought and sold using cryptocurrency, it's only a question of when scammers will turn their attention to defrauding NFT aficionados.
Security practitioners often tread a fine and not entirely well-defined legal line in collecting current and meaningful research. This research can also pose ethical questions when commercial sources for stolen data fall into a gray area.
The zero-day attacks against Accellion's File Transfer Appliance show that a number of big-name firms continued to use the legacy technology - even though more secure, cloud-based options were available. Evidently, many CISOs didn't see a compelling reason to move on. Of course, now they do.
What happens when an e-commerce retailer sends customers a data breach notification email with a subject line that reads "strictly private and confidential"? "Clearly trying to make people stay quiet," responded one unamused Fat Face customer. Others report being none the wiser as to what risks they now face.
Unemployment fraud incidents have spiked in the past year, and high-salaried senior executives are often the fraudsters’ victims. Dr. Christopher Pierson of BlackCloak describes how these scams are pulled off, what impact they have and how the CISO can bolster defenses.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.