A previously unnamed U.S. energy company that agreed to a record $2.7 million settlement after it left 30,000 records about its information security assets exposed online for 70 days in violation of energy sector cybersecurity regulations has been named as California utility PG&E.
Machine data and machine learning have the potential to connect disparate data sources, enabling better fraud detection and prevention, says Matthew Joseff of Splunk, who highlights real-world examples of fighting fraud with better data.
Philips and Becton Dickinson have each issued multiple alerts this year regarding cybersecurity flaws in some of their medical devices. Some security experts say the two companies' transparency about cybersecurity issues - including new alerts issued last week - should be emulated by other manufacturers.
Public health alert: Russian trolls have been spreading "polarized and anti-vaccine" misinformation via social media in a manner that appears designed to undercut trust in vaccines, researchers warn. Lower vaccination rates have already contributed to a rise in mass outbreaks of measles among children.
Although fraud schemes continue to evolve, social engineering remains a critical element, says Brett Johnson, a former fraudster who now advises organizations on how to fight cybercrime. He explains how new attacks are often tweaks of much older schemes.
Google has suspended multiple YouTube channels and videos, as well as blogs, after tying them to phishing attacks and influence operations linked to Iran's state media. The technology giant's moves coincided with similar efforts by Facebook and Twitter.
Security thought leaders have long called for organizations to shift from a conventional "peacetime" view of cybersecurity to more of a "wartime" mindset. Aetna CSO Jim Routh now says it's time for enterprises to shift from conventional to unconventional security controls.
A website that appeared to be part of a phishing campaign designed to gain access to the Democratic National Committee's voter database has turned out to be part of an uncoordinated security exercise. The false alarm has highlighted the benefit of actively monitoring for election interference.