A mental healthcare practice's decision to pay a ransom to have sensitive patient data unlocked illustrates the difficult choices that organizations can face when attempting to recover from a ransomware attack.
A group of cybercriminals known for their persistence and precision in executing attacks against banks' ATMs and card processing infrastructures has regrouped despite the arrest of their alleged leader.
A swift FBI sinkhole blunted an apparently imminent attack against Ukraine via "VPN Filter" malware, which has infected more than 500,000 routers. But mass router compromises will continue so long as manufacturers fail to build in easy or automated patching and updating, security experts warn.
At least 500,000 routers, mostly located in Ukraine, have been infected with "VPN Filter" malware that experts believe is a prelude to a massive cyberattack. But the FBI has sinkholed the control domain for the router botnet, which should help contain the potential damage.
Mexican officials are investigating a series of technical glitches that may have been a prelude to a large cyberattack affecting at least five banks, according to news reports. While the full scope of the incidents remains unclear, up to $20 million may have been stolen.
If operational technology systems need to get connected to IT systems, it's essential to have tight controls on the network, says Lam Kwok Yan, professor of computer science and engineering at Nanyang Technological University in Singapore.
One of the biggest challenges in stopping data breaches lies in sifting through vast amounts of data to find the proverbial "needle in the haystack" - the subtle clues that indicate an attack is imminent or underway in your public agency or government organization. As modern computer systems generate billions of...
Building your organization's cybersecurity maturity doesn't happen overnight. It takes time and thought to adequately assess all the factors that go into creating and implementing an effective security strategy, particularly what steps to take after you've made an initial investment in security.
A remote code execution vulnerability revealed in late March in the Drupal content management system is now being used on a large scale for mining the virtual currency monero, a researcher says. At least 400 websites have been infected, and the total number is likely far higher, security experts warn.
Businesses spend billions each year on identity and access management, but almost all of this money is spent on protecting the digital identities of humans - usernames and passwords.
On the other hand, businesses spend almost nothing on protecting machine identities, even though our entire digital economy hinges...
Security vendor ProtectWise says a series of operating mistakes has allowed it to gain insight into a group, believed to be affiliated with Chinese intelligence, that specializes in stealing code-signing certificates. The certificates allow for the signing of malware that's unlikely to raise security alarms.
We all know that May 25 was the enforcement deadline for Europe's General Data Protection Regulation. But what impact will General Data Protection Regulation have on cybersecurity programs?
GDPR, or the "Y2K" of our era, is part of a larger conversation that's been catalyzed by a lot of the recent news around...
We all know about May 25 and the enforcement deadline for Europe's General Data Protection Regulation. But what impact will GDPR have on cybersecurity programs? Danny Rogers of Terbium Labs weighs in on the topic.
A dozen medication and supply management products from Becton Dickinson and Co. are vulnerable to flaws identified last year in the WPA2 protocol, putting the products at risk for so-called KRACK attacks, according to a federal alert. Such attacks can potentially lead to malware infections.