Medical transcription software vendor Nuance is the latest company to acknowledge that it's still struggling to recover from the recent global NotPetya ransomware attacks and will see a dip in its financial performance as a result.
A watchdog agency's annual security review of the Department of Veterans Affairs, the nation's largest healthcare provider, makes 33 recommendations for how the VA can address a variety of continuing vulnerabilities, but only three of them are new. What are the latest concerns?
Many security leaders argue over whether their incident response posture needs to be proactive or reactive. But Rsam CISO Bryan Timmerman says it isn't either or - that organizations need both. Here's why.
British Airways grounded all flights at London's two biggest airports starting Saturday, leading to multiple days of disruptions. The airline has blamed a power surge for its IT failures, but experts have questioned the airline's resiliency and disaster recovery planning and testing.
The identity of the individual or group behind the global WannaCry ransomware campaign remains unclear. But whoever wrote the ransom notes appears to have been fluent in Chinese and pretty good at written English, according to a linguistic analysis from security firm Flashpoint.
Criminals have long aimed to separate people from their possessions. So for anyone who follows ransomware, the WannaCry outbreak won't come as a shock. Nor will longstanding advice for surviving ransomware shakedowns: Prepare, or prepare to pay.
Hot sessions at this week's OWASP AppSec Europe 2017 conference in Belfast, Northern Ireland, cover everything from the EU's General Data Protection Regulation and fostering better SecDevOps uptake, to quantum-computing resistant crypto and ransomware economics.
A recent ransomware attack on electronic health records and practice management software vendor Greenway Health, which affected several hundred physician group practices using its cloud-based applications, is a reminder to all healthcare providers of the risks that vendors can pose.
Too many businesses assume that the internet will be around forever, but that's faulty thinking and an impractical business practice, says Information Security Forum's Steve Durbin, a featured speaker at Information Security Media Group's Fraud and Breach Prevention Summit in Atlanta this month.
The U.S. regulation that forbid ISPs from selling information about web activity without a customer's permission is gone. But it's still possible to maintain privacy on the Web even if prying eyes are watching.
Cloud services firm Coupa is one of the latest business email compromise victims, after a fraudster pretending to be its CEO faked out the HR department and stole all of its 2016 employees' W-2 forms. Security experts say rigorous training remains the only viable defense.