An advisory council is again urging the Department of Health and Human Services to allow certain donations of cybersecurity technology and services to smaller healthcare providers. Greg Garcia of the council, who will keynote ISMG's upcoming Healthcare Security Summit in New York, explains why.
A slick ransomware-as-a-service operation called Kraken Cryptor has begun leveraging the Fallout exploit kit to help it score fresh victims, researchers from McAfee and Recorded Future warn. Absent offline backups, victims have little chance of recovering from its crypto-locking attacks.
Kevin McDonald, director of clinical information security at Mayo Clinic, spells out several steps for helping to ensure the security of medical devices, stressing there's no "silver bullet" that can do the job. He'll be a speaker at ISMG's Healthcare Security Summit, to be held Nov. 13-14 in New York.
Scammers behind an ongoing "sextortion" campaign have been emailing a legitimate password - likely from a publicly leaked list - to victims with a threat to release a compromising video of the recipient unless they pay up in bitcoins, Barracuda Networks warns.
Kenneth Schuchman, the alleged author of a supercharged variant of Mirai malware called Satori, has been rearrested for violating his bail conditions. In what may be a coincidence, security researchers say a Satori botnet went dormant following Schuchman's arrest, only to be reawakened later.
Organizations must carefully monitor that their business associates are adequately addressing data security to help guard against breaches, says Mark Eggleston, CISO at Health Partners Plans, who will speak on vendor risk management at ISMG's Healthcare Security Summit, to be held Nov. 13-14 in New York.
A user identity management system can help improve visibility of data residing in the cloud and improve security, says Deepen Desai, a vice president at Zscaler, a cloud-based information security company.
One of the co-authors of the devastating Mirai botnet malware has been sentenced to home incarceration and community service, and ordered to pay $8.6 million in restitution, for his role in a series of damaging distributed denial-of-service attacks that disrupted operations at Rutgers University.
IBM plans to acquire enterprise Linux open source software provider Red Hat in a "hybrid cloud" deal valued at $33 billion that IBM CEO Ginni Rometty promises will be a "game changer." Market watchers say IBM has been struggling to find new revenue growth opportunities.
In the wake of a breach at Hong Kong's Cathay Pacific airlines that involved unauthorized access to personal details on 9.4 million passengers, security experts are weighing in on factors that might have contributed to the incident. So far, the airline has provided only sketchy details.
Good news for anyone whose data has been crypto-locked by attackers wielding GandCrab, the year's most aggressive strain of ransomware: You may be able to get your data back, thanks to a free decryptor.
British Airways has discovered that hackers compromised payment card data and personal details for 185,000 more customers than it had originally suspected and that its systems were first breached not in August, but April. The airline now counts 429,000 data breach victims.
Australian police have charged a woman in the theft of AU$450,000 (US$318,000) worth of the virtual currency XRP, also known as Ripple, in one of the largest cryptocurrency thefts from a single victim. The case highlights how basic security messaging on protecting cryptocurrency isn't getting through.
This week's edition of the ISMG Security Report features an analysis of whether the U.K.'s fine of Facebook for the Cambridge Analytica scandal is just the beginning of regulatory enforcement action. Plus: A potential settlement of Yahoo breach lawsuit and tips on securing data in the cloud.