It's a good time to be a CISO. You have the board's attention, and now you can use your position to ensure appropriate resources to tackle key challenges such as identity & access, cloud application security and third-party risk. Expel CISO Bruce Potter discusses how best to influence these decisions.
The Sodinokibi ransomware gang is targeting point-of-sale payment device software after infecting networks with its crypto-locking malware, according to Symantec.
Greg van der Gaast, head of information security at the University of Salford in the United Kingdom, has strong opinions on why some security investments aren't reaping maximum benefits. "We are addressing problems too far downstream," he says.
The Evil Corp cybercrime group, originally known for the Dridex banking Trojan, is now using new ransomware called WastedLocker, demanding ransom payments of $500,000 to $1 million, according to security researchers at NCC Group's Fox-IT.
Federal agencies will add a layer of security to their websites that use the top-level domain .gov. All the sites eventually will use the HSTS protocol, which ensures that a user's connection to a website is encrypted and can protect against man-in-the middle attacks and cookie hijacking.
Fraudsters are now deploying the IcedID banking Trojan via phishing campaigns that use the COVID-19 pandemic as one of several lures, according to Juniper Threat Labs.
The recent leak of 269 GB of sensitive data from more than 200 police departments and the FBI could be a sign that law enforcement agencies are becoming a prime target for hackers, given recent civil unrest.
A spear-phishing campaign is using military-themed malicious Microsoft Office documents to infect devices, according to researchers at Cisco Talos. The analysts also found this campaign is using a previously unknown dropper called IndigoDrop to spread a weaponized version of Cobalt Strike.
It's a new, dynamic workforce - and also a larger, more dynamic threat landscape. How have threats evolved, and how can enterprises better prioritize risks and response? Ran Shahor, CEO of HolistiCyber, shares strategies.
Integrating IoT devices into OT systems brings a raft of security concerns. Microsoft's acquisition of CyberX, which offers a specialized IoT/OT security platform, may give some organizations more confidence to tackle what can be a messy business of securing and monitoring IoT controls across a network.
Four recent cybersecurity incidents that may have involved ransomware demonstrate the ongoing threats facing the sector during the COVID-19 pandemic. They also serve as a warning that extra watchfulness is needed as physicians reopen their clinics.
As a result of the rapid move to a remote workforce, now is a golden opportunity to refine cybersecurity approaches - especially for the cloud, says Christian Toon, CISO at the international law firm, Pinsent Masons.
If the lifting of telehealth restrictions during the COVID-19 pandemic becomes permanent through new legislation or changes in government policies, what would be the potential impact on patient data privacy and security?
Hackers wielding Nefilim ransomware are targeting unpatched or poorly secured Citrix remote-access technology, then stealing data, unleashing crypto-locking malware and threatening to dump data to try to force payment, New Zealand's national computer emergency response team warns.
A Nigerian entrepreneur has pleaded guilty to charges stemming from an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.