Months after the New Jersey attorney general's office smacked a medical practice with a hefty penalty for a 2016 breach, the office has signed a $200,000 settlement with the group's business associate that was responsible for the incident and banned its owner from managing or owning a business in the state.
Criminals wielding crypto-locking ransomware - especially Dharma/CrySiS, GandCrab and Global Imposter, but also SamSam - continue to attack. Insurance firm Beazley says cyber claims for ransomware have increased in recent months, with the healthcare sector hardest hit.
Georgia's Republican gubernatorial candidate has accused the state's Democratic Party of attempting to hack the state's voter registration database. The accusation, from Brian S. Kemp, is complicated by his also being the state's current secretary of state, supervising election infrastructure and security.
Want to better block business email compromise - CEO fraud - attacks outright, as well as be able to spot and respond more quickly to any BEC attacks that get through? Incident responder David Stubley details essential defenses all businesses should put in place now.
Australia's largest defense exporter says it hasn't responded to an extortion attempt after ship design schematics were stolen by a hacker. Austal says the material is neither sensitive nor classified.
An Iowa eye clinic and its affiliated surgery center recently recovered from a ransomware attack on their common systems within one day and without paying a ransom. This case offers important reminders to other healthcare entities and their vendors about advance planning.
After an initial effort got off to a rocky start, the Department of Health and Human Services has started over, making a second attempt at launching a cyber coordination center that aims to help the healthcare sector improve its defenses and boost information sharing. Will the latest effort prove successful?
The Justice Department says two Chinese intelligence officers and eight others were indicted for stealing trade secrets that are intended to help the country shortcut technology research. The indictment comes as tension over intellectual property hacking has risen between the U.S. and China.
Private sector organizations in Canada must now report all serious data breaches to the country's privacy watchdog as a result of new provisions in Canada's PIPEDA privacy law. Violators face fines of up to $100,000 for every breach victim they fail to notify or breach they attempt to hide.
We know that cybercriminals and even nation-states are taking advantage of the clues we leave behind in our digital footprints. How can investigators and researchers take advantage of this same open source intelligence? Former RAF investigator John Walker discusses the perils and promise of OSINT.
Don't fear free tools and practices if they can help your organization better block phishing attacks, improve information security posture and help safeguard others, too, says Andy Bates of the Global Cyber Alliance.
An advisory council is again urging the Department of Health and Human Services to allow certain donations of cybersecurity technology and services to smaller healthcare providers. Greg Garcia of the council, who will keynote ISMG's upcoming Healthcare Security Summit in New York, explains why.
A slick ransomware-as-a-service operation called Kraken Cryptor has begun leveraging the Fallout exploit kit to help it score fresh victims, researchers from McAfee and Recorded Future warn. Absent offline backups, victims have little chance of recovering from its crypto-locking attacks.
Kenneth Schuchman, the alleged author of a supercharged variant of Mirai malware called Satori, has been rearrested for violating his bail conditions. In what may be a coincidence, security researchers say a Satori botnet went dormant following Schuchman's arrest, only to be reawakened later.