A Georgia-based orthopedic clinic has confirmed it's one of the victims of cyberattacks by "The Dark Overlord" hacker who recently posted for sale copies of stolen databases he says contain millions of records. But the clinic is tight-lipped about whether it was a victim of extortion.
Fallout from the leaked Democratic National Committee emails continues, with a new finding that suggests cyberattackers compromised a staffer's personal email account. The FBI also has confirmed its ongoing investigation into the breach.
Implementing a successful cybersecurity strategy in light of advanced threats calls for operationalizing three key principles: visibility, identity and risk, says Zulfikar Ramzan, chief technology officer at RSA.
Leading the latest ISMG Security Report, some security experts expect the United States government to retaliate against Moscow for interfering in the American presidential election if the Obama administration determines the Russian government was behind the hack of Democratic Party computers.
The nation's HIPAA enforcement agency has dramatically ramped up its issuance of breach-related financial penalties. In the ninth enforcement action of 2016, it slapped University of Mississippi Medical Center with a $2.75 million fine after a breach investigation revealed big security woes.
A new portal - NoMoreRansom.org - aims to help ransomware victims avoid having to pay ransoms to get their data back. Backed by Dutch and EU law enforcement agencies, plus security firms Kaspersky Lab and Intel Security, the site includes the first decryptor for Shade ransomware.
WikiLeaks' release of more than 19,000 emails stolen from the Democratic National Committee's computer systems has thrown the party into crisis mode. A look at the leaked emails also provides insights into the DNC's cybersecurity practices.
An investigative report from Reuters paints a disturbing picture of the Federal Reserve Bank of New York using antiquated security practices to safeguard interbank SWIFT payments. Here's how security experts say interbank transaction security must be improved.
Neither ransomware nor social engineering is new, but both are more advanced and effective than ever. How can organizations improve how they detect and respond to the latest threats? James Lyne of Sophos shares insight and advice.
As Democrats gather in Philadelphia to nominate Hillary Clinton for president, it's a good time to examine the former secretary of state's positions on cybersecurity and online privacy. Here's where she stands.
"Inertia and clumsiness" at the Federal Reserve Bank of New York nearly led to one of the biggest cyber-heists in history - resulting in $81 million being stolen from the central bank of Bangladesh - being even worse, according to a new report.
Too many organizations have too many disjointed security controls, says Vijay Bharti of Happiest Minds. What do they need? An integrated cybersecurity approach that includes analytics, machine learning and a higher degree of automation.
Bruce Schneier, CTO of Resilient Systems, is busy exploring how IoT - the name given to computerization of everything in our lives - is changing the security world. "We're building a world-sized robot, and we don't even realize it."
An analysis of the GOP platform, which takes a tough stand against Chinese and Russian hackers and suggests 'hack back' as a suitable cyber defense, highlights this edition of the ISMG Security Report. Also featured: reports on mitigating Pokémon Go risks and the growth of the IT security workforce.
In light of the surge of ransomware attacks in the healthcare sector this year, security risk adviser John Pironti of ISACA offers in-depth technical advice on preparing for - and reacting to - such attacks.