When it comes to cyber risk, how must the CISO manage communications across the enterprise? The board, the staff and the line-of-business leaders all have different needs. Humphrey Christian of Bay Dynamics offers advice for the CISO in the middle.
An analysis on why small businesses are increasingly being targeted by hackers leads the latest edition of the ISMG Security Report. Also, potential medical device hacks pose risk to patients, and payment fraud evolves as the threat landscape intensifies.
A recent ransomware attack on electronic health records and practice management software vendor Greenway Health, which affected several hundred physician group practices using its cloud-based applications, is a reminder to all healthcare providers of the risks that vendors can pose.
So far this year, we've seen heightened tensions between the U.S. and adversaries in Russia, North Korea and Iran. How do these tensions manifest on the cyber stage? Tom Kellermann of Strategic Cyber Ventures talks about the cyberwar risks brewing below the surface.
The ISMG Security Report leads with an analysis of how tactics used by Kremlin-tied actors to target political groups in France, Germany and the U.S. to influence foreign elections could be employed to damage the reputation of businesses.
Interpol, working with countries and security vendors, says it has uncovered 270 websites - including some government portals - compromised by malware. In some instances, the websites contained personal data of citizens.
Two men have pleaded guilty to hacking London-based telecommunications giant TalkTalk in 2015. Police say one of the men boasted in social media account chats about wiping and encrypting his hard drives, as well as taking part in the hack attack.
Although cyberattacks on medical devices that could potentially harm patients so far have only been demonstrated in lab settings, there have been actual cases involving the hacking of devices to gain access to patient data, says ethical hacker Stephanie Domas.
Adam Mudd has been sentenced to a two-year prison term after he pleaded guilty to developing and selling "Titanium Stresser," an on-demand DDoS attack tool tied to over 1.7 million attacks worldwide. Separately, Britain's high court ruled that Lauri Love can fight a U.S. extradition request.
Warning: A dumped Equation Group exploit is designed to bypass authentication on 386 types of Oracle databases. One concern is that the exploit might be used by attackers such as the Lazarus Group to refine their attempts to inject fraudulent money-moving messages into the SWIFT network.
The purported hacking of computers of French presidential candidate Emmanuel Macron, by the same Russian group that targeted Hillary Clinton's campaign, signifies an expansion of the goals of the attackers that extend beyond trying to influence the outcome of Western elections.