The group of hackers who recently claimed to have hacked the CIA director's personal email account now says it has breached an FBI information-sharing portal. So far, the group has released contact information for about 2,400 law enforcement users.
While 2015 is already a record year for mega breaches in the healthcare sector, recent incidents involving common, persistent problems - as well as smaller scale hacker attacks - continue to litter the federal tally of health data breaches.
Buoyed by massive illicit profits, cybercriminals have continued to refine their ransomware attacks, including updating their crypto techniques to foil decryption tools, encrypting file names and threatening to leak stolen secrets.
The National Institute of Standards and Technology has issued a Guide to Application Whitelisting that provides step-by-step instructions on deploying automated application whitelisting to help prevent malware from accessing IT systems.
In a video interview, Bob Carr of Heartland Payment Systems offers a frank assessment of missteps in the wake of the processor's landmark 2008 data breach, and he calls for widespread use of end-to-end encryption.
Under the White House's new cybersecurity strategy and implementation plan, federal civilian agencies face a Nov. 13 deadline to identify and report their high-value information and assets that could attract adversaries.
The HHS Office of Inspector General plans to more closely scrutinize federal regulators' oversight of the security controls that healthcare providers and business associates use to protect electronic patient information. It also will review FDA oversight of medical device cybersecurity.
The FFIEC has issued an alert calling on financial institutions to take specific risk mitigation steps in light of an increase in the frequency and severity of cyberattacks involving extortion. Fraud experts applaud the move while offering additional recommendations.
The quantity and duration of distributed denial-of-service attacks continue to increase. The latest attacks are being launched via MySQL servers infected with Chikdos malware, as well as compromised Internet-connected CCTV systems, researchers say.
In this video interview, Mike Weber of Coalfire Labs discusses ways that healthcare organizations can develop strategies for easily sharing patient data among clinical professionals using a variety of devices while protecting that data from attackers.
British police have arrested a third suspect in connection with the hack attack against telecommunications provider TalkTalk. Separately, Vodafone UK also issued an alert of a breach, which it traced to reused passwords.
The so-called 30-day cybersecurity sprint championed by Federal CIO Tony Scott has resulted in a strategy and implementation plan for federal government civilian agencies that focuses on a defense-in-depth approach to IT security.
Senate-approved legislation that would incentivize businesses to share cyber threat information with the government also would strengthen the Department of Homeland Security's oversight of civilian federal agencies in implementing cyber safeguards.