Why did U.S. President Donald Trump discuss cybersecurity firm CrowdStrike with the president of Ukraine, saying "the server, they say Ukraine has it"? Experts say Trump appears to be referring to one or more conspiracy theories, none of which have a basis in reality.
APT groups that are backed by the Russian government rarely share code with each other, fostering a competitive landscape, according to a new report. This shows that Russia is willing to push the limits of its sophisticated cyber capabilities, researchers conclude.
Did the gang behind GandCrab fake its retirement? Security experts say there's mounting evidence that the operators of the notorious ransomware-as-a-service operation only announced their retirement after ramping up the rival Sodinokibi/REvil service.
Technology companies often don't build in controls to protect privacy during the application development process, says Jason Cronk, a lawyer and privacy engineer. But using "privacy by design" principles during software development can help avoid trouble, he says.
A new resource designed to help healthcare organizations of all sizes engage in cybersecurity information sharing is now available. Errol Weiss, who helped create the "cybersecurity matrix," describes how to use it.
Seven healthcare and health IT industry groups are asking Congress to apply the brakes in issuing a final rule on interoperability, information blocking and health information exchange as required under the 21st Century Cures Act, citing concerns about privacy and other issues.
A week after the Emotet botnet crept back to life, the attackers behind it are already trying a new way to ensnare victims - using Edward Snowden's newly released memoir as a phishing lure, according to the security firm Malwarebytes.
An ongoing campaign to spread a new type of malware dubbed LookBack among U.S.-based utilities is much more extensive than previously believed, with at least 17 companies targeted since April, Proofpoint researchers say.
Europe's top court has ruled that Google does not have to remove links to sensitive personal data globally under the EU's "right to be forgotten" requirements, saying the requirement only applies in Europe.
Russian national Andrei Tyurin pleaded guilty to perpetrating massive hack attacks against leading U.S. financial services firms and others from 2012 to mid-2015. Victims included JPMorgan Chase, from which he stole details of 83 million customer accounts.
A ransomware attack late last week on a county hospital in rural Wyoming was still causing patient care disruptions on Monday. Some patients were sent more than 125 miles away to other area hospitals for treatment.
Facebook says it has suspended tens of thousands of apps as part of its ongoing investigation into data misuse that grew out of the Cambridge Analytica scandal. The company won't disclose the affected apps, but an unsealed court filing says it has suspended 69,000.