It's a red-faced moment for FireEye. The company says an investigation reveals that an attack against an analyst's personal online accounts was enabled by the employee's continued use of compromised login credentials.
The latest edition of the ISMG Security Report leads with a report on the charges brought against Marcus Hutchins, the "accidental hero" who stoped the WannaCry malware outbreak. Also featured: reports on advances in attribution and new legislation to secure vulnerable medical devices.
Employees are still falling for phishing scams leading to major breaches, including those related to ransomware attacks, say federal regulators, who are urging healthcare entities to step up their workforce training and awareness of email schemes.
Cybersecurity researcher Marcus Hutchins will plead not guilty in federal court to charges relating to creating and selling banking malware called Kronos. Some in the security community think the FBI may have confused legitimate research activities with criminal behavior.
Maxim Senakh, who was extradited from Finland to the United States to face charges related to Ebury botnet attacks, has been sentenced to serve nearly four years in federal prison, after which he will be deported to his native Russia.
British national Marcus Hutchins, aka "MalwareTech," has been arrested by the FBI on charges relating to the distribution of the Kronos banking Trojan. Hutchins is the "accidental hero" who singlehandedly defused the WannaCry ransomware outbreak.
The front line to battle Russian hackers is shifting to American courts, according to the lead story in the latest edition of the ISMG Security Report. Also, malware targets Apple's operating system and a preview of the ISMG Fraud and Breach Prevention Summit in New York.
The Medical Device Innovation, Safety and Security consortium is hoping its new network of labs operated by healthcare entities across the globe for the standardized cyber testing of medical devices will help to greatly reduce risks, say MDISS leader Dale Nordenberg, M.D., and Benjamin Esslinger of Eskenazi Health.,...
Office of Personnel Management Chief Information Officer David DeVries says negative aspects of a Government Accountability Office report on steps OPM is taking to secure its IT paint an incomplete and not fully accurate picture of the agency's cybersecurity posture.
Spain has approved a U.S. extradition request for Russian national Stanislav Lisov, who's been charged with helping to organize and profit from a prolific banking Trojan called Neverquest. He's the latest in a long line of suspected Russian hackers to be detained while vacationing abroad.
Security expert Troy Hunt has released a massive data set of compromised passwords that's intended to help web services steer users away from picking those that have already been exposed in data breaches.
A proposed Senate bill aims to bolster the cybersecurity of medical devices, including creating a report card that provides transparency about a device's "cyber capabilities" and results from cyber risk assessments and testing. Does bill overlap with work already underway?
Gartner's Avivah Litan, a featured speaker at ISMG's Fraud and Breach Prevention Summit in New York on Aug. 8, says hacker attribution is taking on new importance, as traditional methods of determining attack risk and detection linked to indicators of compromise are no longer effective.