ISMG and Rapid7 kicked off a roundtable dinner series in San Francisco, where Rapid7's Scott King says the conversation showcased the challenges security leaders face in engaging business leaders to discuss risk.
The latest edition of the ISMG Security Report analyzes concerns about the use of Huawei equipment by U.S. telecommunications firms. Also featured: A Huawei executive discusses 5G security, plus an update on an Australian ransomware attack.
What's it like to serve in the dual roles of CISO and DPO? Gregory Dumont, who has both responsibilities at SBE Global, a provider of repair and after-sales service solutions to the electronics and telecommunication sectors, explains how the roles differ.
Healthcare organizations can take steps to start mitigating risks while awaiting vendor software patches to address URGENT/11 IPnet vulnerabilities in their medical devices, says researcher Ben Seri of security firm Armis, which identified the flaws.
A dental practice in Texas that responded to patients' Yelp reviews by disclosing patient names and other health information has gotten a bad review from federal regulators: A $10,000 HIPAA monetary settlement and a corrective action plan.
U.S. senators Mark Warner and Marco Rubio are urging social media firms to create policies and standards to combat the spread of "deepfake" videos, which they say pose a potential threat to American democracy.
Threat actors that may have connections to China have been using a variety of malware in a series of information-gathering espionage campaigns across Southeast Asia since at least 2013, according to researchers at Palo Alto Networks' Unit 42 division.
Microsoft's Remote Desktop Protocol is one of the most widely used utilities for connecting to remote machines. But it poses risks if organizations don't actively monitor how it's used, says Chris Morales of the security firm Vectra.
A newly discovered cybercriminal gang is putting a twist on business email compromise scams by initially targeting vendors or suppliers with phishing emails and then sending realistic-looking invoices to their customers, according to the security firm Agari, which labels the approach "vendor email compromise."
A bipartisan group of lawmakers has introduced a bill to help U.S. telecommunications providers "rip and replace" any Chinese-built networking equipment. The move comes as many experts warn that using Huawei or ZTE 5G equipment poses an unacceptable national security risk.
Medical facilities and hospitals across the state of Victoria in Australia were infected by file-encrypting ransomware on Monday, causing the shutdown of patient booking systems and financial systems. At least one hospital has reverted to using paper-based systems.
British police have auctioned off bitcoins and other cryptocurrencies seized from a U.K. teenager who participated in the hack of the London-based telecommunications firm TalkTalk in 2015. The auction netted $294,000, which will be used by law enforcement to help fund crime-fighting efforts.
In the wake of ransomware attacks that have hit the public and private sectors, the U.S. Senate has passed a bill that calls for creating cyber incident response and threat hunting teams at the Department of Homeland Security. Find out what role the teams would play.