Script-based payment card malware continues its successful run, impacting a range of e-commerce sites, security researchers warn. With fraudsters continuing to refine their tactics, countering card-sniffing scripts continues to be difficult.
At ISMG's Fraud Summit in New York, former Black Hat hacker and hacktivist Hector Monsegur explains why security executives need to listen to people like him and why attackers simply won't go away.
Aluminum giant Norsk Hydro has been hit by LockerGoga ransomware, which was apparently distributed to endpoints by hackers using the company's own Active Directory services against it. To help safeguard others, security experts have called on Hydro to release precise details of how it was hit.
In today's hyper-connected enterprise, organizations are at risk of two different types of attack. Larry Link, CEO of Cequence Security, explains how to defend at a platform level - without adding friction.
The FDA is generally on the right track in updating guidance for the cybersecurity of premarket medical devices. But a variety of changes are needed, say some of the healthcare sector companies and groups that submitted feedback to the agency.
An unprotected database belonging to Chinese e-commerce site Gearbest exposed 1.5 million customer records, including payment information, email addresses and other personal data for customers worldwide, white hat hackers discovered.
Mirai, the powerful malware that unleashed unprecedented distributed denial-of-service attacks in 2016, has never gone away. And now a new version has been equipped with fresh exploits that suggest its operators want to harness the network bandwidth offered by big businesses.
Destructive malware attacks, once rare, have been surging as attackers seek to cover their tracks and complicate life for incident responders, says Rick McElroy, head of security strategy at Carbon Black.
It's not enough to detect an attack. To be truly effective, defenders need to capture digital fingerprints and movement through the network. Lastline CEO John DiLullo discusses this level of defense.
Symantec and scores of partners have launched a new integrated cyber defense initiative aimed at promoting industry collaboration and delivering new business value, Art Gilliland explains.
A medical software vendor's unsecured fax server leaked patients' medical information, highlighting yet again the importance of vendor risk management.
Getting a telemetry stream back from applications can help organizations to "adjust much more quickly to see how practical attacks are happening on the endpoint and then go to mitigate," says Aaron Lint of Arxan.
Backers in the U.S. Congress are hoping that the third time is the charm for an internet of things cybersecurity bill that would set minimum security standards for the connected devices that the federal government purchases for various projects.
Criminals wielding a new strain of ransomware called Cr1ptT0r are targeting network-attached storage users. The campaign was first discovered in February after owners of D-Link network storage enclosures reported that their devices were being crypto-locked.
The latest edition of the ISMG Security Report features a discussion of the role of "prosilience" in IoT security, plus the problem of overnotification under GDPR and the notion of "Spartacus as a Service."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.