The lack of automation and actionable threat intelligence may be preventing enterprises from developing the fully functional Cyber Fusion Centers they envision. Anomali's Mark Alba shares ideas on how to change that.
Chat and collaboration software tools such as Slack are critical for software development teams. But a data breach experienced by Utah-based software developer WildWorks illustrates why developers should think twice before sharing sensitive database keys over chat.
Information Security Media Group's members-only CyberEdBoard CISO community has opened its doors, giving senior cybersecurity practitioners a private ecosystem to exchange intelligence, gain access to critical resources and enhance personal career capabilities in collaboration with peers around the world.
Hacking incidents - including ransomware attacks - continue to be the most common type of health data breaches added to the federal tally this year. And the ongoing COVID-19 crisis will put healthcare organizations at heightened risk for such incidents in the months to come, some experts predict.
Darkside is the latest ransomware operation to announce an affiliate program in which a ransomware operator maintains crypto-locking malware and a ransom payment infrastructure while crowdsourced and vetted affiliates find and infect targets. When a victim pays, the operator and affiliate share the loot.
Researchers at Area 1 Security say a recently uncovered phishing campaign using a message saying that the recipient has been fired from their job is attempting to plant two malware strains - Bazar and Buer - using the Trickbot botnet.
A recently uncovered phishing campaign is using a spoofed U.S. Internal Revenue Service domain and social engineering techniques in an attempt to trick targeted victims into sending money to fraudsters, according to researchers at Abnormal Security.
A recently uncovered banking Trojan targeting Android devices can spy on over 150 apps, including those of banks, cryptocurrency exchanges and fintech firms, as a way to gather credentials and other data, according to an analysis by security firm Kaspersky.
A medical device maker has sued an IT vendor in the wake of an email server migration mishap that exposed the health data of more than 277,000 individuals. The case illustrates the complexities of vendor risk management - especially after mergers and acquisitions.
Louis Marinos of the European Cybersecurity Agency offers an analysis of the agency's new Threat Landscape 2020 report, which shows how cybercriminals have been advancing their capabilities, adapting quickly and targeting victims.
Cybersecurity is poised to become a higher White House priority when President-elect Joe Biden takes office. And he's expected to renew key international relationships needed in the fight against cyberattacks.
The good news: U.S. election security measures seem to have worked. The bad news: Disinformation and misinformation campaigns continue. Tom Kellermann, who served as a cybersecurity adviser to President Obama, offers advice for President-elect Joe Biden and others on protecting critical infrastructure.
As the healthcare sector prepares for the distribution of COVID-19 vaccines, intensifying the attention to supply chain cybersecurity is critical, says Michael McNeil, senior vice president and CISO of McKesson Corp., which distributes pharmaceuticals and medical supplies.
Inadequate database and privileged account monitoring, incomplete multifactor authentication and insufficient use of encryption: Britain's privacy regulator has cited a raft of failures that contributed to the four-year breach of the Starwood guest reservation system discovered by Marriott in 2018.