The latest edition of the ISMG Security Report offers an in-depth analysis of how to prevent data exposure in the cloud. Plus: why PCI's new contactless payment standard lacks PINs, and how to go beyond the hype to accurately define "zero trust."
The healthcare sector is especially susceptible to ever-evolving cybercrimes, says attorney Jason G. Weiss, a former FBI special agent and forensics expert, who describes critical steps to take to avoid falling victim.
Cybercriminals are targeting users of Microsoft's Office365 subscription services with phishing campaigns that uses fake voicemail messages in an attempt to steal victims' credentials and other information, according to researchers at the security firm McAfee.
Two hackers have pleaded guilty in connection with an extortion campaign tied to the theft of data on about 57 million Uber customers and drivers. The incident led to a massive fine against the ride-sharing company for its tardy breach notification and weak security.
One major challenge with combating cybercrime in the 2020s and beyond appears destined to be attackers launching a greater number of "smaller-value crimes" so they can better stay "below the radar" of law enforcement, says the Global Cyber Alliance's Andy Bates.
Many HIPAA enforcement actions taken by federal regulators have chastised organizations for their poor security risk assessments. In light of this ongoing challenge, HHS has released an updated version of its security risk assessment tool, which includes improved asset and vendor risk management features.
It's one thing to plan for a cybersecurity incident, but quite another to have proper insurance coverage to prepare for such an event. Mark Singer of Beazley shares an overview of the cyber insurance myths and realities.
Mobile devices are attractive targets for attackers because of messages, call logs, location data and more. State-sponsored groups are digging ever deeper into mobile hacking, says Brian Robison of BlackBerry Cylance.
FCC Chairman Ajit Pai is pushing a proposal that would ban U.S. telecommunications firms from using commission funds to buy equipment from companies deemed national security threats. The new rule would first target Chinese telecom companies Huawei and ZTE.
After months of appeals, Facebook has agreed to pay $643,000 to settle claims that it violated U.K. privacy laws by allowing Cambridge Analytica - a now-defunct digital marketer that focused, in part, on political campaigns - to access the personal data of 87 million of its users.
Facebook is suing NSO Group, a spyware company, alleging it developed a potent exploit to spy on WhatsApp messages sent by diplomats, journalists, human rights activists and political dissidents. Facebook is seeking damages and an injunction forbidding NSO Group from accessing its infrastructure.