Good news for Microsoft Windows users: The Equation Group exploit tools dumped this month by Shadow Brokers don't work against currently supported versions of Windows, largely thanks to patches Microsoft released in March. But who tipped off Microsoft?
Cyberattackers love not having to reinvent the wheel. At least, that's the tactic favored by the Callisto group, an "advanced threat actor" that's been using leaked Hacking Team spyware to infect targets, says security firm F-Secure.
Too many businesses assume that the internet will be around forever, but that's faulty thinking and an impractical business practice, says Information Security Forum's Steve Durbin, a featured speaker at Information Security Media Group's Fraud and Breach Prevention Summit in Atlanta this month.
The recent fix for a zero-day flaw in Microsoft Office appeared more than five months after Microsoft was privately alerted to the flaw, and followed months of it being exploited via in-the-wild attacks. Can Microsoft do better?
It has been roughly two years now since the advent of the Retail Cyber Intelligence Sharing Center. How has information sharing improved cyber defenses? And how have criminals upped their game? Brian Engle of R-CISC shares insight.
Many media outlets have suggested that the recent arrest of a Russian computer programmer ties to the 2016 U.S. presidential election meddling blamed on Russia. But the only source for this supposed connection traces to a Russian propaganda arm that's been blamed for participating in said meddling.
As hacking incidents appear to spike again on the federal breach tally, a small Kentucky-based physician practice is the latest healthcare entity to report a major breach involving a ransomware attack.
When it comes to the motivations driving Eastern European cybercriminals, "pseudo-anti-Americanism" is big, says Vitali Kremez, a researcher with intelligence firm Flashpoint who regularly infiltrates cybercrime forums.
A Texas-based pediatric practice is the latest healthcare entity to report a major data breach following a recent ransomware attack, despite the organization's efforts to mitigate the incident quickly.
Federal regulators are warning healthcare sector organizations about the threat of man-in-the-middle attacks and related risks associated with the use of some Secure Hypertext Transport Protocol, or HTTPS interception products for end-to-end security.
Cybersecurity in the healthcare sector, which remains inadequate, could be boosted with better threat information sharing as well as improved collaboration with federal agencies, several experts told a Congressional panel April 4.
A North Korean IP address has turned up in an investigation by Kaspersky Lab into attacks against banks' SWIFT systems. The finding is a strong indication that the Lazarus hacking group may be run by North Korea.