Almost all versions of Windows are vulnerable to an OLE flaw that is being actively exploited in the wild. This is the second zero-day vulnerability tied to the so-called "Sandworm Team" of hackers, and no patch is yet available.
Security experts participating in an FDA workshop highlight the urgent need to immediately improve the cybersecurity of networked medical devices, which may be vulnerable to hacking that could potentially be life-threatening.
In his keynote address at the ISMG Fraud Summit New York on Oct. 21, PCI's Bob Russo predicts credit card fraud will significantly rise in the short term as EMV payment cards get rolled out in the United States. Find out why.
An FBI official on Oct. 20 said the hacks of JPMorgan Chase and other U.S. banks do not appear to have been in retribution for Western economic sanctions against Russia. But FBI investigators still have not determined who was behind the attacks.
Researchers demonstrate how ATMs could be hacked - without installing malware - by connecting a tiny computer to an inside port, bypassing the ATM's own computer and instructing the cash dispenser to begin issuing money.
An unsecure folder of patient data that was accessible via the Internet has resulted in a breach affecting more than 307,000 individuals. Some security experts say this kind of misstep is a relatively common among healthcare organizations.
Staples has confirmed that it's investigating a potential data breach after a report warned that elevated levels of payment card fraud had recently been tied to card numbers used by consumers who shopped at the office supply retailer.
Drawing on networking protocols designed to support NASA's interplanetary missions, two researchers have created a networking system that's designed to transmit information securely and reliably in even the worst conditions, such as in an Ebola hot zone.
While fraud-fighting experts are debating the long-term impact President Obama's "BuySecure Initiative" will have on speeding EMV adoption in the U.S., they agree the president is drawing attention to the need for stronger card security.
Despite President Obama's urgent call to lawmakers to enact a national data breach notification law, such legislation will not likely be voted upon before the current Congress adjourns at year's end. Here's why.
More healthcare entities might consider implementing NIST's cybersecurity framework if healthcare-specific guidance on putting the framework to use was available, says Lee Kim of the Healthcare Information and Management Systems Society.
In addition to adopting the right IT security standards to mitigate advance persistent threats, organizations need to pick the right people to carry out those standards, says Jon Long, a featured speaker at ISMG's Global APT Defense Summit on Oct. 22.
Government intelligence agencies' information security offensive capabilities may far outstrip businesses' collective defenses, but organizations can still tap a variety of techniques to defend themselves against many types of intrusions.