The U.S. federal government and many states haven't conducted forensic investigations into the election systems probed by hackers prior to the 2016 election. An investigation by the New York Times has found two more providers of election systems that were breached.
A massive Locky ransomware campaign has been infecting devices via malware-laced spam messages as well as through fake Dropbox phishing pages. More than 23 million Locky spam email have been seen in just one 24-hour period.
A series of security lapses involving Aadhaar has resulted in major data leakage. The main reason, experts say, is the weak security practices and gaps at the service partners' domain.
Hospitals in Lanarkshire, Scotland, are continuing to recover following an outbreak involving a new variant of Bitpaymer ransomware. Security experts say the malware often gets spread via brute-force attacks against endpoints running remote desktop protocol software.
A sloppy spamming operation has exposed on a server in the Netherlands a batch of files that includes more than 700 million email addresses and some associated account passwords. It's perhaps the largest batch of email addresses ever found in one spot.
Verizon has made a strong case for continual PCI DSS awareness with its new study of payment card data security. But like many vendors that conduct their own studies supporting their business cases, Verizon makes suspect logical stretches.
NIST's recent updates to its precise definitions of various cybersecurity jobs are designed to help make recruiting more efficient - both inside the federal government and elsewhere.
In the wake of Hurricane Harvey, Texas hospitals have not yet reported issues involving access to electronic health records and other critical systems, says Lance Lunsford of the Texas Hospital Association.
Password security guidance: Do block users from picking commonly used passwords. But to avoid a usability nightmare, don't block users from picking any password that's ever been seen in a data breach, security experts advise.
The FDA on Tuesday issued an alert about a voluntary recall by a manufacturer of a network-connected implantable device due to cybersecurity vulnerabilities. Nearly 500,000 of the cardiac pacemakers from St. Jude Medical, now owned by Abbott Laboratories, are in use in the U.S.
What was perhaps the largest-ever botnet composed of infected Android devices has been disabled. The Wirex botnet cleverly used legitimate looking traffic for DDoS attacks against web services.
The ISMG Security Report leads with views on a novel way to fund the growth of the United States military's Cyber Command by seizing assets such as digital currencies from hackers and other criminals. Also, we offer tips on how to recruit scarce IT security pros.
Organizations in all sectors "need to look at the CISO role as an executive position with holistic understanding and a more well-rounded background" to help ensure security goals align with business goals, says consultant Ed Amoroso, former AT&T chief security officer.
As CISO at Hearst Corp., David Hahn's security strategy must be mindful of the challenges and brand risks for well-known media properties, including ESPN and Esquire, as well as smaller, lesser-known units within the corporation. Each requires a risk management strategy.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.