New rules set by the widely used malware database service VirusTotal will exclude security vendors for not sharing data. This move highlights ongoing tension in the multi-billion dollar anti-malware industry.
Breaches in the healthcare sector are continuing to surge, in part, because cybercriminals are building big data resources that can be used to fuel fraud, security experts Larry Ponemon and Rick Kam say in an audio interview discussing findings of a new Ponemon Institute report.
America's cyber infrastructure is under constant attack, and damage to it could have significant consequences. But the presidential candidates haven't had much to say about the issue. At ISMG's Fraud and Breach Prevention Summit, a panel of experts will address how the next president should tackle cybersecurity.
Children's National Health System in Washington is blaming a medical transcription company's misconfigured file server for a data breach that exposed thousands of patient records on the web. What can be done to prevent such incidents?
Verizon's annual Data Breach Investigations Report has triggered an avalanche of criticism that researchers made critical errors when studying and reporting on the top 10 most frequently exploited software vulnerabilities.
The same Turkish hacking group that recently leaked data from Qatar National Bank and UAE's InvestBank apparently has leaked data that appears to belong to five banks in Nepal and Bangladesh. But are the leaks the result of new breaches?
It's one thing to talk or even plan about "What happens if we are breached?" It's quite another to undertake a true breach exercise. What are the critical elements of such a drill? Author Regina Phelps shares advice from her new book.
Israel reportedly will extradite two suspects who were indicted in connection with cyberattacks that breached JPMorgan Chase and others. Cybersecurity experts say this is the latest example of how cross-border collaboration to bring cybercriminals to justice is improving.
The Defense Advanced Research Projects Agency has awarded Georgia Tech a $2.9 million grant to develop a process for quickly identifying and then defending against low-volume DDoS attacks, which are far more common than high-volume attacks but can be just as disruptive.
Like class action lawsuits stemming from breaches of electronic health data, a new lawsuit filed in the aftermath of the loss of paper records faces slim chances of success, legal experts say. But will regulators take action in the case?
Australian entrepreneur Craig Wright boasted that he was the secret bitcoin creator known only as "Satoshi Nakamoto." But his claim has been dismantled by security experts, leading one to call Wright "the world's first cryptographically provable con artist."
The FTC and FCC have launched security investigations of mobile device makers and wireless carriers, citing growing concerns over vulnerabilities that threaten "the security and integrity" of these products and services. The regulators are examining how security patches are distributed.
With today's multi-layered attack surface, traditional vulnerability management no longer suffices. Security leaders must embrace a new strategy to help identify and secure true assets at risk. Gautam Aggarwal of Bay Dynamics explains how.
The HHS Office of Civil Rights is gearing up for round two of HIPAA compliance audits. What should security leaders expect, and how should they prepare? David Holtzman of CynergisTek and Geoff Bibby of Zix offer insights and advice.