As attackers increasingly take advantage of users' risky behavior, enterprise security leaders are taking steps to improve end-user security education. Gretel Egan of Wombat Security outlines how to focus on education strategies that are truly effective.
The 10th annual IRISSCERT Cyber Crime Conference, to be held Thursday in Dublin, promises to round up crime trends and also offer updates on incident response lessons learned, spam fighting and even cybersecurity essentials for children.
A database security blunder revealed on Friday serves as a reminder that the days of SMS-based authentication should be over. The exposed database, which wasn't protected by a password, contained 26 million text messages, many of which were two-step verification codes and account-reset links.
So what's the mission of the newly launched Department of Health and Human Services' Health Sector Cybersecurity Coordination Center, and how will it function? HHS Deputy Secretary Eric Hargan explains the initiative and addresses top healthcare sector cybersecurity challenges in this in-depth interview.
An attack on Altus Baytown Hospital in Texas is the latest ransomware incident reported to federal regulators as a health data breach. What other major ransomware incidents are impacting the healthcare sector?
An analysis of China's surging hack attacks as part of an economic espionage campaign leads the latest edition of the ISMG Security Report. Also: Choosing the right MSSP, plus an analysis of the recent hijacking of Google traffic.
Voting in the United States carries a huge privacy cost: states give away or sell voters' personal information to anyone who wants it. In this era of content micro-targeting, rampant misinformation and identity theft schemes, this trade in voters' personal data is both dangerous and irresponsible.
A new, free decryptor has been released for "aggressive" crypto-locking ransomware called GandCrab. Researchers say GandCrab has come to dominate the ransomware-as-a-service market, earning its development team an estimated $120,000 per month.
Federal regulators plan to seek public comments on whether the HIPAA rules create barriers to sharing patient information among healthcare providers, hampering the ability to coordinate care. But some regulatory experts argue the problem is not the rules, but misunderstandings about what they allow.
The notorious Romanian hacker known as Guccifer, who revealed the existence of Hillary Clinton's private email server and admitted to hacking numerous email and social media accounts, has been extradited from Romania to begin serving his 52-month U.S. prison sentence.
InfoWars' website was briefly affected by the Magecart payment card skimming malware, a finding that triggered a fiery response from the far right commentary site. But InfoWars is just one in a long line of victims of the malware.
The United States will soon officially have a single agency that takes the lead role for cybersecurity. Congress has passed legislation to establish the Cybersecurity and Infrastructure Security Agency within the Department of Homeland Security. The measure awaits President Trump's signature.
The department store chain Nordstrom says it doesn't believe that employees' personal data, which was exposed in an October data breach due to a contractor's error, has been misused. The retailer says the breach exposed no customer data.
When implementing endpoint security solutions in healthcare environments, a critical consideration is the impact of the technology on clinical workflow, says Dave Summitt, CISO at the H. Lee Moffitt Cancer Center and Research Institute.