Based on Lockheed Martin's experience in the aftermath of a data breach, the company advises organizations to diligently gather threat intelligence internally to support development of an effective mitigation strategy, says Chris Coryea, cyber intelligence specialist.
Tens of thousands of Cisco Adaptive Security Appliance devices remain vulnerable to a zero-day exploit released last month as part of the Equation Group toolset dump by Shadow Brokers, according to scans conducted by security firm Rapid7.
Web portal Rambler - likened by some to a Russian version of Yahoo - was reportedly hacked in 2012, resulting in the theft nearly 100 million user credentials. But the company disputes some aspects of the supposed breach.
Hutton Hotel says it failed to spot that its point-of-sale systems were compromised by malware for over three years. Separately, Noble House is now warning that its breach investigation uncovered 10 malware-infected hotels or restaurants.
Dear customer: "The security and privacy of your systems are our priority." Cue a new breach notification, this time from Lightspeed POS, which sells a cloud-based point-of-sale product used by 38,000 organizations.
As it prepares to file an appeal in federal court, LabMD is seeking a "stay" in implementing the Federal Trade Commission's final ruling in a longstanding dispute over the lab's information security practices.
A report on the implications of failing to notify manufacturers of security flaws in their medical devices and a conversation with internet co-founder Vint Cerf highlight the latest edition of the ISMG Security Report.
In their quest for easy ways to extort victims into giving them bitcoins, cybercriminals continue to double down on crypto-ransomware attacks and increasingly target enterprises, seeking proportionally higher paydays.
To the annals of super-bad historical mega breaches that no one knew about, add two new entries: Dropbox and Last.fm. Hackers reportedly stole tens of millions of usernames and passwords from each in 2012.
Kimpton Hotels & Restaurants is warning that all 62 of its hotels suffered a POS malware infection this year that resulted in the compromise of cardholder data. So far it's unclear if the attack relates to breaches of Oracle MICROS or other POS vendors.
The way the U.S. federal government funds information technology served as a major contributor to last year's breach of computers at the Office of Personnel Management that exposed 21.5 million records, says Federal Chief Information Officer Tony Scott.
Data centers are difficult to defend, and securing the perimeter is important but of little consequence if attackers get inside. But there are ways to lock down data centers, former White House strategist Nathaniel Gleicher explains in this interview.
At least some of the alleged cybersecurity vulnerabilities in St. Jude Medical cardiac devices that were found by research firm MedSec Holdings don't necessarily translate to serious clinical risks for patients, says medical device security expert Kevin Fu.
Following the $81 million Bangladesh Bank hack, "persistent, adaptive and sophisticated" attackers have continued to compromise banks' local security controls to send fraudulent money-moving messages via SWIFT's interbank messaging network, and, in some cases, successfully steal money, SWIFT warns.