An incident involving a third-party vendor migrating a server containing archived email of a medical device provider has resulted in a reported health data breach impacting more than 277,000 individuals. What went wrong?
Enterprises are getting wiser to understanding the insider threat. But mitigating it? That remains a challenge - especially at a large scale. Mohan Koo of Dtex Systems talks about how to blend human and data analytics to address the challenge.
Emotet pushes Ryuk, GandCrab taps NTCrypt, and BokBot borrows from Trickbot. With millions to be potentially stolen from victims, is it any wonder that malware-wielding gangs continue to get a little help from their cybercrime friends?
Criminals continue to target organizations and individuals with extortion schemes, such as by infecting targets with Ryuk and GandCrab ransomware, say Raj Samani, chief scientist of McAfee, and John Fokker, McAfee's head of cyber investigations.
As CEO of Terranova Security, an awareness training provider, Lise Lapointe sees an evolution of education programs that used to be merely phishing simulation tests. What are the most effective forms of training?
Attackers have hit North Carolina's Orange County with ransomware for the third time in six years. Government officials say IT teams have been working overtime to restore systems, and that no data has been lost.
Script-based payment card malware continues its successful run, impacting a range of e-commerce sites, security researchers warn. With fraudsters continuing to refine their tactics, countering card-sniffing scripts continues to be difficult.
The ultimate responsibility of every CSO and CISO is to foster culture change and awareness, because that is every organization's single greatest data security and physical security control, says Andrew Rose, CSO of Vocalink, which is a MasterCard company.
Aluminum giant Norsk Hydro has been hit by LockerGoga ransomware, which was apparently distributed to endpoints by hackers using the company's own Active Directory services against it. To help safeguard others, security experts have called on Hydro to release precise details of how it was hit.
The FDA is generally on the right track in updating guidance for the cybersecurity of premarket medical devices. But a variety of changes are needed, say some of the healthcare sector companies and groups that submitted feedback to the agency.