The Department of Defense did not effectively control access to the health information of high-profile personnel, says a new watchdog agency report, which hints that the findings also may indicate ineffective access control over other DoD employees' health records.
A Nigeria-based ransomware gang is conducting a campaign that dangles a $1 million bribe - or a portion of any ransom collected - to employees of targeted organizations if they will install DemonWare ransomware on their corporate network.
As applications are no longer tied to infrastructure, you need security controls at the workload level that are shared dynamically with security in your network - for real-time, multi-layered protection. Micro-segmentation allows you to isolate critical resources to control access and is an important part of Zero...
The firewall has been the cornerstone of enterprise network security since the dawn of the internet age. In 2021, the firewall’s capabilities still represent a core element of IT security, and they will remain so for years to come. But they need to continue to evolve.
A 30-year-old Greek national has been indicted on charges of selling insider trading tips and other proprietary financial data on darknet sites. Apostolos "The Bull" Trovias faces securities fraud and money laundering charges.
The Justice Department has filed seven new criminal charges against Paige Thompson, who is suspected of hacking Capital One in 2019, compromising the data of 100 million Americans, including exposing hundreds of thousands of Social Security numbers. If convicted, She now faces a possible 20-year sentence.
A government watchdog is urging NASA to make multiple improvements to its cybersecurity and risk management policies to counter threats to the space agency's network, infrastructure and data. NASA, in turn, is working toward making some security improvements outlined by the GAO by the end of this year.
This edition of the ISMG Security Report features an analysis of CISA's finding that agencies could have prevented follow-on attacks after the SolarWinds supply chain attack by properly configuring firewalls. Also featured: Congressman discusses deterring nation-state attacks; insider threat mitigation tips.
Cybercriminals and nation-states are attempting to recruit insiders at companies around the world to help steal credentials and intellectual property, says Joseph Blankenship, vice president and research director at Forrester, who offers risk mitigation insights.
A bipartisan group of senators is circulating a draft of a federal breach notification bill that would require federal agencies, federal contractors and businesses that have oversight over critical infrastructure to report significant cyberthreats to CISA within 24 hours of discovery.
A small U.S. nuclear weapons contractor has confirmed that it suffered a ransomware attack, resulting in the theft of data. Credit for the attack has been taken by the ransomware-as-a-service operation known as REvil, aka Sodinokibi, which the FBI recently tied to the attack against meatpacking giant JBS.
Is it any wonder that criminals keep flocking to ransomware when their individual haul from a well-executed digital heist can be worth $11 million? That's the amount paid to the REvil ransomware gang by meatpacker JBS USA, after its systems were crypto-locked on May 30.
In a decision that will have major implications for the cybersecurity industry, the U.S. Supreme Court ruled Thursday to limit the scope of the Computer Fraud and Abuse Act. Security researchers and civil liberty groups argued that the 1986 law was too broadly written and outdated for today.
A year ago, Chris Pierson and BlackCloak studied executives at top global pharma companies to learn the extent of password-based vulnerabilities. The findings weren't reassuring. Pierson revisited the study this year with a select few entities to see if the needle has moved in a more secure direction.