Equifax has identified 2.4 million U.S. consumers whose names and snippets of their driver's license numbers were stolen, adding to one of the worst breaches in history, which resulted in personal data for most U.S. adults being exposed.
Leading the latest edition of the ISMG Security Report: President Trump has not authorized the National Security Agency to go after Russian election hackers at the source. Also, 23,000 digital certificates get revoked after their private keys get leaked, and an analysis of deception technologies.
The new generation of deception technology can play an important role in helping healthcare organizations detect malware, including ransomware, but it requires careful implementation to get the most value, says Mitch Parker, CISO at Indiana University Health System.
Digital certificate vendor Trustico is sparring with DigiCert, which recently took over Symantec's digital certificate business, over a serious security incident. The private keys for at least 23,000 Trustico digital certificates have been compromised, prompting a scramble to protect affected websites.
Cybersecurity will again be in the spotlight at this year's Healthcare Information and Management Systems Society conference, March 5 to 9 in Las Vegas. The event will feature numerous CISO presentations, updates from regulators and displays of the latest technologies.
Cybersecurity company mergers and acquisitions continue. Among the major deals: The sale of PhishMe to a privacy equity syndicate and Splunk's purchase of Phantom. But these are just the latest in a series of moves so far this year as consolidation continues.
Despite the millions of dollars companies invest in cybersecurity programs, advanced persistent attackers constantly devise new means of breaking into corporate environments. How can deception technology offer a new alternative? Ofer Israeli of Illusive Networks explains.
A new strain of the Petya ransomware called "Bad Rabbit" is impacting business and sweeping across Russia and Ukraine, among other Eastern European countries. Like many of the other ransomware outbreaks, understanding fact from fiction is the first step in staying safe.
An analysis of a massive 8.8 GB trove of files containing usernames and plaintext passwords suggests hundreds of services may have experienced unreported or undiscovered data breaches. Data breach expert Troy Hunt says the trove of 80 million records appears to contain fresh data.
Attorney Steven Teppler, who recently wrote a report that addresses risks related to the internet of things, offers insights on risk management steps organizations in all sectors must take as IoT devices proliferate in the enterprise.
Interest in deception technology is growing because it can play a valuable role in improving intrusion detection, says Anton Chuvakin of Gartner, who explains the intricacies of the emerging technology in an in-depth interview.
Some healthcare industry stakeholders say the Trusted Exchange Framework that HHS proposes to promote secure, interoperable nationwide health data exchange, while a good starting point, lacks clarity on certain security and privacy issues.
Arkansas developer Taylor Huddleston has been sentenced to serve more than two years in prison for developing, marketing and selling two tools designed to be used maliciously - the NanoCore remote access Trojan and Net Seal license software.
Certificate authorities continue to be tricked into issuing bogus TLS certificates. A study by Recorded Future found that at least three underground vendors can supply fraudulent TLS certificates, which pose serious risks to data security and privacy.
Is your organization prepared for GDPR? The GDPR goes into effect this year on May 25th, 2018! It still remains to be seen exactly how it will be enforced and what specific measures organizations must take to comply. What is clear, however, is that personal data must be protected or severe penalties may be imposed....