U.S. Secret Service alert: For the first time, malware-using fraudsters have been draining U.S. ATMs of their cash via what's known as a jackpotting or cash-out attack. Two older models of ATMs made by Diebold Nixdorf appear to have been targeted.
In the wake of a ransomware attack that disrupted patient care services for hundreds of Allscripts' customers, a class action lawsuit has been filed against the cloud-based electronic health records vendor for allegedly "failing to secure its systems and data from cyberattacks."
How much does it cost to buy cybercrime-enabling products or services? Just $5 and up, security researchers say. Law enforcement agencies warn that small-time players as well as "serious and organized" crime rings are using cybercrime as a service to make illicit profits.
Leading the latest edition of the ISMG Security Report: Ransomware crypto-locks customer data stored by a cloud-based service provider. Also, there's a move afoot to use blockchain technology to better protect people's personally identifiable information.
The newly confirmed secretary of the Department of Health and Human Services, Alex Azar, has the potential to reset critical national healthcare priorities and policies, including those related to security and privacy. But what action will he take regarding HIPAA enforcement and other issues?
After spiking in 2017, the volume of attacks involving ransomware has since declined, but the malware still remains a potent threat. For attackers, ransomware barriers to entry are lower than ever, thanks to highly automated ransomware-as-a-service offerings.
After settling a breach lawsuit for $17.2 million, Aetna has signed another large settlement related to privacy breaches involving mailings to its health plan members. The latest settlement with the New York state attorney general's office involves two mailings last year.
The web may be largely funded thanks to online advertising, but the threat posted by malicious advertisements continues to escalate. Indeed, the latest malvertising scheme, uncovered by security firm Confiant, served 1 billion malicious advertisements.
Technology giants are still struggling to identify what's at risk from the Spectre and Meltdown flaws in modern CPUs, never mind getting working security updates into users' hands. In the meantime, expect a rush by researchers to find more flaws in microprocessor code.
The usual advice for major security flaws is to patch as quickly as possible. Now Intel is calling for a full stop due to imperfect patches for a trio of chip security vulnerabilities known as Meltdown and Spectre.
In separate cases, two hackers have either pleaded guilty or been sentenced to serve jail time in part for launching or facilitating DDoS attacks. One defendant, John Kelsey Gammell, was unmasked after taunting a former employer over the "ongoing IT issues" his DDoS attacks were causing.
Organizations in the Middle East and Central Asia are beginning to respond to the nuances of the evolving threat landscape in the region, says Tata Communication' Avinash Prasad in this exclusive interview.
Blockchain holds potential for supporting secure health data exchange, but it has limitations that organizations need to keep in mind, says Intel's David Houlding in this in-depth interview on the technology.
A ransomware attack on electronic health records vendor Allscripts late last week is a reminder of the potential disruption to patient care delivery healthcare entities can face if a cloud-services provider suffers a cyberattack. It also points to the need for business continuity planning.
The operators of the Necurs botnet continue to target victims with phishing campaigns designed to infect them with banking malware, ransomware and cryptocurrency fever, as well as to generate profits via dating website referrals.