Colonial Pipeline, which oversees more than 5,500 miles of pipeline that supplies fuel throughout the U.S. East Coast, confirmed Saturday that a ransomware attack has disrupted its services, and the company has taken some of its IT systems offline as a precaution.
U.S. and U.K. cybersecurity, law enforcement and intelligence agencies issued a joint advisory Friday offering detailed information on how to defend against the activities of the Russian Foreign Intelligence Service, or SVR, in the wake of the 2020 SolarWinds supply chain attack.
Attackers co-opted the Hancitor malware downloader and recently used it to deliver Cuba ransomware as part of an email spam campaign for data exfiltration and ransom extortion, a new report by security firm Group-IB finds.
As patients more commonly use smartphones and APIs to access their health information, critical security and privacy considerations need to be top of mind, says Micky Tripathi, the new national coordinator for health IT at HHS.
The Fermilab physics laboratory in the U.S. has tidied up its systems after security researchers found weaknesses exposing documents, proprietary applications, personal information, project details and credentials.
A severe vulnerability in a system on certain Qualcomm chips, which has been patched, potentially could have enabled attackers to remotely control Android smartphones, access users' text messages and listen in on conversations, according to a new report from Check Point Software Technologies.
The Cybersecurity and Infrastructure Security Agency has issued an alert providing more details on the threat posed by FiveHands ransomware attacks and offering risk mitigation tips.
Four editors at Information Security Media Group discuss timely cybersecurity issues, including a call for cryptocurrency regulation and the impact of hospital ransomware attacks.
Security researchers have uncovered a flaw dubbed TsuNAME in DNS resolver software that attackers could used to carry out distributed denial-of-service attacks against authoritative DNS servers. Google and Cisco have resolved the issue in their DNS servers.
The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.
Security researchers say API flaws could have exposed the private data of millions of Peloton fitness equipment online service users for months before they were recently patched.
Intel and AMD are disputing the findings of researchers from two universities who say they've discovered new attacks on Intel and AMD processors that can bypass most of the defenses put in place earlier for similar "Spectre" and "Meltdown" attacks.
The Defense Department will expand its vulnerability disclosure program in the coming months, inviting ethical hackers to find flaws in a wider array of systems and applications - including IoT and industrial control systems - within the Pentagon's public-facing networks.
Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from cloud platforms, and mitigating the risks is proving challenging, according to the security firm Proofpoint.
About 50% to 70% of all ransomware attacks in the U.S. are targeting small and medium-sized businesses, costing the victims an estimated total of $350 million in the last year, Secretary of Homeland Security Alejandro Mayorkas said Wednesday in a speech to the U.S. Chamber of Commerce.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.