Script-based payment card malware continues its successful run, impacting a range of e-commerce sites, security researchers warn. With fraudsters continuing to refine their tactics, countering card-sniffing scripts continues to be difficult.
The ultimate responsibility of every CSO and CISO is to foster culture change and awareness, because that is every organization's single greatest data security and physical security control, says Andrew Rose, CSO of Vocalink, which is a MasterCard company.
Aluminum giant Norsk Hydro has been hit by LockerGoga ransomware, which was apparently distributed to endpoints by hackers using the company's own Active Directory services against it. To help safeguard others, security experts have called on Hydro to release precise details of how it was hit.
The FDA is generally on the right track in updating guidance for the cybersecurity of premarket medical devices. But a variety of changes are needed, say some of the healthcare sector companies and groups that submitted feedback to the agency.
As CSO of CDK Global LLC, Craig Goodwin has been part of the rollout of a new API platform that he believes will revolutionize automotive purchasing. Goodwin offers his perspective on security's role in application DevOps.
In today's hyper-connected enterprise, organizations are at risk of two different types of attack. Larry Link, CEO of Cequence Security, explains how to defend at a platform level - without adding friction.
Norsk Hydro, one of the world's largest aluminum producers, has been hit by a crypto-locking ransomware attack that began at one of its U.S. plants and has disrupted some global operations. A Norwegian cybersecurity official said the ransomware strain may be LockerGoga.
An unprotected database belonging to Chinese e-commerce site Gearbest exposed 1.5 million customer records, including payment information, email addresses and other personal data for customers worldwide, white hat hackers discovered.
Here's free software built by the National Security Agency called Ghidra that reverse-engineers binary application files - all you have to do is install it on your system. So went the pitch from the NSA's Rob Joyce at this year's "Get Your Free NSA Reverse Engineering Tool" presentation at RSA Conference 2019.
It's not enough to detect an attack. To be truly effective, defenders need to capture digital fingerprints and movement through the network. Lastline CEO John DiLullo discusses this level of defense.
In the expanded, virtual enterprise, security leaders face the challenge of defending an ever more complicated attack surface. How can they best understand and mitigate their risks? Kelly White of RiskRecon shares insights.
A funny thing happened on the way to dark web intelligence-gathering: Some organizations began to amass and share a lot of private information, potentially in violation of privacy regulations and industry rules, says Danny Rogers, CEO of Terbium Labs.
It's a common refrain that people are security's weakest link. But Stu Sjouwerman of KnowBe4 has a solution that adds a critical additional layer to address that vulnerability.
A medical software vendor's unsecured fax server leaked patients' medical information, highlighting yet again the importance of vendor risk management.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.