The Petya ransomware gang says it released 3,500 crypto keys that it stole - along with source code - from rival Chimera ransomware developers. If the keys are legitimate, security firms say they can build decryption tools for Chimera victims.
A Georgia-based orthopedic clinic has confirmed it's one of the victims of cyberattacks by "The Dark Overlord" hacker who recently posted for sale copies of stolen databases he says contain millions of records. But the clinic is tight-lipped about whether it was a victim of extortion.
The Obama administration is implementing a presidential policy directive designed to coordinate response to a large-scale cyber incident that poses a threat to national security, foreign relations, the U.S. economy, public confidence, civil liberties or public health and safety of Americans.
Fallout from the leaked Democratic National Committee emails continues, with a new finding that suggests cyberattackers compromised a staffer's personal email account. The FBI also has confirmed its ongoing investigation into the breach.
Leading the latest ISMG Security Report, some security experts expect the United States government to retaliate against Moscow for interfering in the American presidential election if the Obama administration determines the Russian government was behind the hack of Democratic Party computers.
The nation's HIPAA enforcement agency has dramatically ramped up its issuance of breach-related financial penalties. In the ninth enforcement action of 2016, it slapped University of Mississippi Medical Center with a $2.75 million fine after a breach investigation revealed big security woes.
WikiLeaks' release of more than 19,000 emails stolen from the Democratic National Committee's computer systems has thrown the party into crisis mode. A look at the leaked emails also provides insights into the DNC's cybersecurity practices.
An analysis of the GOP platform, which takes a tough stand against Chinese and Russian hackers and suggests 'hack back' as a suitable cyber defense, highlights this edition of the ISMG Security Report. Also featured: reports on mitigating Pokémon Go risks and the growth of the IT security workforce.
A recently reported health data breach in Colorado offers a reminder that organizations must take precautions to prevent and detect data leakage involving current and former employees inappropriately using personal email.
Amit Yoran, president of RSA, says Asian organizations should move away from traditional processes and embrace change with sharper perspectives in building defences against advanced threats. How do security leaders respond?
By tracking "Indicators of Exposure" - the top techniques attackers could use to hack into any individual enterprise - organizations can better defend themselves against network intrusions and data breaches, says Gidi Cohen, CEO of Skybox Security.
Security vendor Novetta recently led an independent investigation into the 2014 Sony breach. What lessons were learned, and how do they apply to today's threat landscape? Novetta's Peter LaMontagne shares key findings.
MacKeeper failed to alert customers earlier this year that for at least four weeks, its anti-virus software wasn't receiving regular signature updates. Industry experts say any such delay is unacceptable for an AV vendor.
At the Black Hat event in Las Vegas later this month, researchers plan to reveal vulnerabilities in hooking engines, a critical component of security software and other applications, including Microsoft Office.