The BadRabbit ransomware attack appears to have been designed for smokescreen, disruption or extortion purposes, if not all of the above. So who's gunning for Ukraine and how many organizations will be caught in the crossfire?
If Eugene Kaspersky had attended Wednesday's House hearing on the risk his company's anti-virus software poses to the U.S. federal government, he would have faced an unfriendly reception. But Kaspersky wasn't invited, although the panel may "entertain" the possibility of inviting him to a future hearing, according to...
As organizations combat BadRabbit, the latest global ransomware campaign, healthcare entities in the U.S. should monitor the situation and take preventive measures to avoid becoming the next potential victim of any emerging malware, experts advise.
Anti-virus vendor Kaspersky Lab says that an internal probe has confirmed that in 2014 a PC running its anti-virus software flagged and submitted new Equation Group APT malware variants. But after an analyst realized the provenance of the source code, the firm says its CEO ordered that it be immediately deleted.
In a battle to save its reputation, Kaspersky Lab says it will allow independent inspections of its code, infrastructure and processes following U.S. government accusations that it colluded with Russian intelligence agencies. But will the move restore confidence?
DataBreachToday Executive Editor Mathew J. Schwartz's examination of the growing threats facing the critical energy sector leads the latest edition of the ISMG Security Report. Also in this report: A discussion of safeguarding the telehealth marketplace.
Is digital transformation an impending "disaster" - leaving more attack surfaces open to exploit and putting enterprises at further risk? Or is there a chance to rewrite how the security department operates? Former Burberry CISO John Meakin shares his views.
A new collaborative effort aims to advance "evidence-based security" for medical devices through the sharing of best practices, says Dale Nordenberg, M.D., leader of the Medical Device Innovation, Safety and Security consortium.
A House committee is requesting a briefing with medical transcription services vendor Nuance Communications to learn details about the impact the NotPetya malware attack in June has had on the company.
The U.S. government has issued a rare technical alert, warning that attackers are continuing to compromise organizations across the energy sector, often by first hacking into less secure business partners and third-party suppliers.
Want to infect systems used by a large swath of cybersecurity professionals in one go? Then use a malicious decoy document to target potential attendees of a NATO and U.S. Army conference on "The Future of Cyber Conflict" being held in Washington.
Will all of the anonymously lobbed U.S. government allegations against Moscow-based security vendor Kaspersky Lab send anti-virus users running for the hills? Don't let it, one security expert says, noting that ditching AV would be a gift to cybercriminals and intelligence agencies alike.
A lawn mower engine manufacturer's notification to federal regulators of a health data breach impacting thousands of its workers highlights the HIPAA compliance duties for businesses that are self-insured for healthcare.
An in-depth look at the DMARC anti-spoofing system - which the U.S. Department of Homeland Security this past week said it will require federal agencies to adopt - leads the latest edition of the ISMG Security Report. Also, continuous monitoring of the insider threat.
The FBI is asking all U.S. victims of DDoS attacks to please come forward. The bureau's plea for more information from cyberattack victims parallels similar requests made this week by British authorities speaking at ISMG's Fraud and Breach Prevention Summit in London.