France has hit Google with a 50 million euro ($57 million) fine for violating the EU's General Data Protection Regulation. The country's data regulator says Google doesn't inform users in a clear way how their data is being collected and processed for targeted advertising.
Fresh strains of ransomware are being distributed by attackers who gain remote access to organizations' networks to infect them with Phobos, as well as via cracked-software sites that share adware installers inside which STOP ransomware has been hidden.
GDPR has been in effect since May 2018, but organizations are still waiting to see what impact it will have on the costs organizations might face from breach cleanup, investigations, sanctions and class action lawsuits, says Ian Thornton-Trump of the financial services firm AMTrust International.
How do data privacy and security matters affect organizations that are contemplating a merger or acquisition? Attorney Iliana Peters offers insights into cybersecurity, data breach and compliance issues that can potentially doom a deal.
Implementing standards for recording demographic data, and also sharing best practices, could help address the challenges involved in matching the right patient with all the right records, a new government study concludes.
The U.S. Federal Trade Commission is close to concluding its investigation into Facebook over the Cambridge Analytica scandal, the Washington Post reports, noting that the social network may face a record-setting fine, exceeding the $22.5 million fine the FTC in 2012 slammed on Google.
Banks in West Africa have been targeted by at least four hacking campaigns since mid-2017, with online attackers wielding commoditized attack tools and "living off the land" tactics to disguise their efforts, Symantec warns.
Threat intelligence sharing is all about trust, speed and context. And yet many enterprise intel programs lack one or more of those qualities. Jon Clay of Trend Micro discusses what it takes to stand up a customized threat intelligence program.
Cybercrime outfits appeared to take a vacation around the December holidays. But attacks involving Emotet, Hancitor and Trickbot have resurged following their December slowdown, as has the Fallout exploit kit, lately serving GandCrab ransomware.
Facebook has removed hundreds of accounts, alleging that the account creators misrepresented their identity. The social network alleges that some of the accounts were surreptitiously created by employees of the state-owned Sputnik news agency in Moscow, which Sputnik disputes.
Venture capitalists invested $5.3 billion in cybersecurity companies in 2018, about 20 percent more than in 2017 and twice as much as 2016, according to research from Strategic Cyber Ventures. What's ahead for 2019 and beyond?
Leading the latest edition of the ISMG Security Report is an in-depth look at why ransomware remains a pervasive threat and how it's evolving. Also featured: updates on venture capital investments in cybersecurity and a study of vulnerabilities in industrial remotes.
How can healthcare organizations better address the many challenges they face involving the security of legacy medical devices? Device security specialist Ben Ransford offers insights on critical steps that can help reduce the risks.
Several health data breaches involving phishing attacks - including one that potentially exposed data on more than 100,000 individuals - have been added to the federal health data breach tally this month. Why do these breaches keep happening, and what more can be done to prevent them?
Airline booking system provider Amadeus - whose system is used by 500 airlines - is investigating a software vulnerability that exposed passenger name records, which is the bundle of personal and travel data that gets collected when booking a flight.