Federal regulators are working to shore up security of systems that support Obamacare in time for open enrollment season, which launches on Nov. 1, following the revelation of a breach of a portal used by insurance agents and brokers that exposed data of 75,000 individuals.
A Russian national has been charged with coordinating a four-year campaign to spread divisive themes aimed at disrupting the U.S. political system. "Project Lakhta" allegedly employed hundreds of individuals who created bogus accounts on such platforms as Facebook and Twitter to sow false narratives.
The latest edition of the ISMG Security Report features an analysis of the results of over 1,000 cyberattack investigations in the U.K. Also: an update on the proposed NIST privacy framework and a report on voter registration information for sale on the dark web.
Facebook is eyeing spammers as being the culprits behind its recently disclosed mega-breach, The Wall Street Journal reports. Preliminary findings from Facebook's internal investigation suggest that the attackers were not affiliated with a nation-state, but rather part of a known spam ring, the newspaper reports.
Federal regulators have smacked health insurer Anthem with a record $16 million HIPAA settlement in the wake of a cyberattack revealed in 2015, which impacted nearly 79 million individuals. What missteps does the settlement highlight?
A batch of U.S. voter registration records from 20 states has appeared for sale online in what appears to be an illegitimate offering. While it's far from the largest-ever seen leak of voter data, the incident again highlights the lax controls too often applied to voter records.
The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S. weapon systems.
Attackers are increasing their frequency and volume of Distributed Denial-of-Service (DDoS) attacks. Companies are facing increased pressures to strengthen their security. Three forces contributing to the pressure are:
Stronger, more sophisticated, and highly motivated attackers.
Larger attack surface area due to...
Although DoS attacks are not a recent phenomenon, the methods and resources available to conduct and mask such attacks have dramatically evolved to include distributed (DDoS) and distributed reflector (DRDoS) attacks that cannot be addressed by traditional on-premise solutions.
Cloudflare's advanced DDoS protection...
The Equifax and Yahoo breaches have highlighted enterprise vulnerability to cyber attacks. As the content
management market increases and enterprises embrace remote workforces, adopt multi-clouds,
expose new APIs, and shift server side functionality to the client, new security challenges emerge.
For too many organisations, software vulnerability management is just about "patch Tuesday." Vulnerability management has evolved significantly in the past few years. Organisations need to adopt a new strategy focusing on visibility, prioritised response, and mitigation.
When you look back at the wave of...
Memo to hackers: Boasting about your exploits on social media channels is a good way to get caught. Indeed, Italian police say they busted a suspected hacker after he bragged not only about defacing the NASA home page but also about being part of a group calling itself "Master Italian Hackers Team."
Heathrow, the U.K.'s largest airport, has been fined by the country's privacy watchdog for a series of data security missteps that led to a USB memory drive containing highly sensitive information being lost by an airport security trainer on a London city street, where it was found by a passerby.
Google blames a bug in an API for its Google+ social networking service for exposing personal details of about 500,000 users' accounts, but says it doesn't believe the information was misused. The company was forced to acknowledge the March incident after it was reported by The Wall Street Journal.