Cybercriminals are sneaking banking Trojans onto systems via the legitimate remote-access tool Ammyy Admin, researchers at Kaspersky Lab warn. The attacks are a reminder to watch for legitimate applications that may have been Trojanized.
The Asian security landscape continues to change dramatically, and ransomware and cyber extortion are among the emerging trends increasing in frequency and volume. Kaspersky Lab's Vitaly Kamluk shares insights and advice.
Mobile health applications, wearable fitness trackers and even social media sites are creating new privacy risks for health information because the data collected, shared and used falls outside the regulatory scope of HIPAA, says Lucia Savage of the Office of the National Coordinator for Health IT.
At the Black Hat event in Las Vegas later this month, researchers plan to reveal vulnerabilities in hooking engines, a critical component of security software and other applications, including Microsoft Office.
Because more federal regulators are paying closer attention to how businesses are protecting consumer information, having a detailed incident response plan is more important than ever, says Randy Sabett, special counsel at the Washington law firm Cooley LLP.
Examining the human factor in the age of cyber conflict and the new healthcare challenge concerning ransomware highlight this edition of the ISMG Security Report. Also, hackers target the Republican convention.
The 2016 RSA Conference Asia Pacific & Japan, to be held July 20-22 in Singapore, will offer a security road map, imparting lessons to practitioners to help them navigate through cybersecurity complexities. Here's a preview of some of the top session.
The GOP platform - adopted at the convention that nominated Donald Trump for president - doesn't mention the term 'hack back' but states: "We ... make clear that users have a self-defense right to deal with hackers as they see fit." Some cybersecurity experts claim the platform encourages "cowboy" justice.
The Federal Reserve's strategy for oversight of the U.S. migration toward faster payments won't change in the wake of the heists that exploited SWIFT payments, says Fed official Marianne Crowe. The long-term security of U.S. payments has always been a priority for the Fed's study of faster payments, she says.
FireEye has dealt with more disruptive data breaches over just the past year than it has since the company was founded 12 years ago. Charles Carmakal, vice president with the company's Mandiant forensics unit, shares tips for handling a breach.
The federal agency that enforces HIPAA has been very busy lately, taking numerous steps to reiterate the importance of safeguarding patient data and stressing the need to prepare a breach response plan. But the agency still needs to improve transparency on breaches involving business associates.
A bipartisan group of lawmakers has introduced legislation to encourage agencies to use secure cloud computing services as an alternative to continued reliance on legacy systems, which some government officials and IT security practitioners say puts data at risk.
Oregon Health & Science University says it has been slapped with a $2.7 million fine after HHS investigated two data breaches that affected a total of about 7,000 individuals. It's the eighth HIPAA-related settlement announced by HHS so far this year.
Some healthcare entities may be more likely than organizations in other sectors to pay extortionists to unlock data that's been encrypted in ransomware attacks because patients' lives are potentially at risk if data is unavailable, says security expert Kate Borten, who discusses risk management issues.