A former Hewlett Packard Enterprise worker has pleaded guilty to intentionally damaging an Oregon Medicaid system and causing it to fail a few days after he was laid off by the vendor. What can others learn from this insider incident?
A sophisticated nation-state spy network has quietly exploited a backdoor in Microsoft Exchange servers that gave attackers unprecedented access to the emails of at least three targets over five years, security firm ESET warns.
An unsecured database belonging to Canadian mobile operator Freedom Mobile exposed personal details and unencrypted payment card data, according to two security researchers who discovered the data. The database has since been secured, with Freedom Mobile blaming the error on a third-party provider.
With today's challenges from an increasingly hostile threat landscape, combined with a lack of people, expertise, and budget, organizations are driving toward optimizing their SIEM and SOAR solutions in order to get the highest return their investment. Of the greatest areas of unmet need with SIEM and SOAR solutions,...
With cyberattacks, online espionage and data breaches happening at a seemingly nonstop pace, Western intelligence agencies are bringing many of their capabilities out of the shadows to help businesses and individuals better safeguard themselves and respond. We need all the help we can get.
In what may be a case of industrial espionage, Massachusetts-based drug development company Charles River Laboratories has reported a cyberattack involving the copying of client data by an intruder. Why is IP theft a growing worry for the healthcare sector?
President Donald Trump on Thursday signed an executive order that offers a mix of incentives and new guidelines aimed at hiring and retaining more security pros to work within the federal government. The order creates a President's Cup Cybersecurity Competition as a way to reward top professionals.
New exploits released online that target long-known configuration weaknesses in SAP's NetWeaver platform could pose risks to payroll, invoicing and manufacturing processes, according to researchers at Onapsis. As many as 50,000 companies could be vulnerable.
The latest edition of the ISMG Security Report describes a discussion among "Five Eyes" intelligence agencies at the recent CyberUK conference. Plus, an update on a Huawei 'backdoor' allegation and new research on managing third-party risk.
Federal regulators and medical device maker Philips have issued alerts about a security vulnerability in the company's Tasy electronic medical records system that could put patient data at risk. How common is this type of vulnerability?
WikiLeaks founder Julian Assange returned to court on Thursday and told a British judge that he would not voluntarily accept extradition to the U.S. to face a charge of helping to hack into a Pentagon computer, setting up a legal fight that could take months.
The U.S. Department of Homeland Security is requiring that federal agencies speed up patching and remediating "critical" and "high" software vulnerabilities. Security experts say this change is long overdue. But does it go far enough?
Every day needs to be password security day - attackers certainly aren't dormant the other 364 days of the year. But as World Password Day rolls around again, there's cause for celebration as Microsoft finally stops recommending periodic password changes.