The struggle is real as DoD moves from DIACAP to RMF. System owners are challenged to adopt technology that can address the more dynamic controls required by RMF.
Learn how to get help from defense agencies to monitor and assess their systems for RMF compliance by automating the gathering, analysis and reporting of...
The Department of Justice has charged two men, arrested in Connecticut near the scene of a jackpotting attack against a drive-up ATM, with bank fraud stemming from a malware attack. Police say they recovered $9,000 in $20 bills, as well a black box and other equipment from the suspects' car.
Apple and Cisco say they've partnered with insurers Aon and Allianz to offer cyber insurance policies for organizations that meet best security practices and use products from the technology companies. The partnership follows increasing interest in cyber insurance as a hedge against hacking risks.
A new report from a Veterans Affairs watchdog agency on a guest Wi-Fi network that was set up at a VA medical center without coordination with VA IT officials to ensure security spotlights the risks and challenges that many healthcare entities face with so called "shadow IT."
Russian citizen Peter Levashov, arrested last year while vacationing in Spain, appeared Friday in U.S. federal court to face charges that he owned and operated the Kelihos botnet and distributed spam, banking Trojans and ransomware for profit. Levashov has pleaded not guilty.
Lauri Love, a British man accused of 2012 and 2013 hack attacks against U.S. government computers - including systems operated by the Federal Reserve, U.S. Army and NASA - has won his legal bid to quash a U.S. extradition request. But he still faces a potential trial in England.
The booming interest and sometimes surging values of cryptocurrencies are drawing the interest of cybercriminals on a scale never seen before - including attacks aimed at trying to steal computing power to mine cryptocurrency.
In one of the largest HIPAA settlements ever, federal regulators have signed a $3.5 million settlement with a Massachusetts-based healthcare organization that reported five small health data breaches in 2012 involving lost or stolen unencrypted computing devices.
The number of data breaches reported by U.S. organizations reached an all-time high last year. In 2017, organizations that described how bad their breach was - and one-third did not - collectively lost 14 million payment cards and 158 million Social Security numbers, according to the Identity Theft Resource Center.
Fitness app and website developer Strava has landed in hot water after publishing a global heat map that shows users' workout routes in aggregate. By doing so, the firm has inadvertently revealed military installation layouts and other sensitive information.
As the global threat landscape shifts, so does Kaspersky Lab. Moving from its traditional cybersecurity focus, Kaspersky now is honing in on fraud prevention. Emma Mohan-Satta describes this shift and what it means for security and anti-fraud leaders.
The U.S. government's idea to take the reins of the development of 5G mobile networks has been met with cynicism and criticism. But there are goods reasons the government is worried: Standards haven't been set in stone yet, and 5G will present a bevy of new security challenges. Here are some of them.
How effective are nation-backed trolls at influencing individuals via social media? An analysis of Russian trolls' accounts suggests they're designed for "causing havoc by pushing ideas, engaging other users or even taking both sides of controversial online discussions."
So far in 2018, 15 health data breaches have been reported to federal regulators, affecting a combined total of nearly 391,000 individuals. But why are incidents involving ransomware still so rare on the federal health data breach tally?
Coincheck, a Tokyo-based exchange, says it suffered a hack attack that led to the theft of $530 million worth of XEM cryptocurrency from its hot wallet. But the developers of XEM say they are tagging all accounts that receive the stolen funds to stop it from being converted to cash.