A recent alert from the Department of Homeland Security warning of vulnerabilities in certain medical imaging products from GE Healthcare is a reminder to other medical device makers and healthcare entities about the risks posed by hardcoded and default credentials.
Facebook is under fire after reports suggested data-mining firm Cambridge Analytica obtained private information on 50 million Facebook users. The social network contends that it didn't suffer a "breach," saying the information was legally obtained but subsequently misused.
To help identify and mitigate the next generation of Spectre and Meltdown speculative execution flaws in CPUs, Microsoft and Intel are offering researchers up to $250,000 if they share their discoveries as part of a coordinated vulnerability disclosure program.
Privacy attorney Kirk Nahra offers an analysis of the New York state attorney general proposing updates to the state's data security laws and issuing a substantial financial penalty in a HIPAA violations case.
While the underlying trends that enabled 2017's ransomware epidemic are continuing to advance, new and evolved threats, trends, and technologies gain speed as well.
Join Joseph Blankenship, Forrester Senior Analyst as we discuss 2018 cybersecurity trends including:
Malware targeting point of sale (POS)...
President Donald Trump's nominee to head the National Security Agency and U.S. Cyber Command, Lt. Gen. Paul Nakasone, faces two Senate committee hearings as part of his nomination process. He'll face questions on cyber defense, privacy and combating information warfare.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
Server-level protection from viruses and malware is essential, and PC-based tools won't cut it. Malware attacks are increasing, including ransomware like CryptoLocker, Locky, and zCrypt. Businesses know it's essential to protect PCs from malicious programs, but many don't realize the value of server-level protection...
Cloud usage continues to grow, which is no surprise. The cloud has enabled businesses to expand their capabilities via cloud servers or a hybrid approach of on-premises and cloud environments. What is surprising is how many organizations have developed a blind spot when it comes to cloud security, and these blind...
The Securities and Exchange Commission and the Department of Justice have both charged Jun Ying, a former CIO at data broker Equifax, with engaging in illegal insider trading after he determined that his employer had suffered a massive breach.
A U.S. power company, unnamed by regulators, has been fined a record $2.7 million for violating energy sector cybersecurity regulations after sensitive data - including cryptographic information for usernames and passwords - was exposed online for 70 days.
A federal judge has largely rejected a motion by Verizon to dismiss a class-action lawsuit filed by victims of three data breaches that compromised Yahoo, which is now part of Verizon. The Yahoo breaches appeared to have compromised nearly every Yahoo user's personal details at least once.
Whoever unleashed malware built to disrupt last month's Winter Olympics in Pyeongchang, South Korea, designed it to look like it had been executed by a group of hackers tied to North Korea. But researchers at the security firm Kaspersky Lab say any such attribution would be false.
The increasing number of organizations being hit by crippling mega breaches points to a deficiency in most standard endpoint security solutions. Today's evolving threat landscape requires that organizations not only employ next generation endpoint protection technology, but that they add an element of aggressive...