Hospitals in Lanarkshire, Scotland, are continuing to recover following an outbreak involving a new variant of Bitpaymer ransomware. Security experts say the malware often gets spread via brute-force attacks against endpoints running remote desktop protocol software.
A sloppy spamming operation has exposed on a server in the Netherlands a batch of files that includes more than 700 million email addresses and some associated account passwords. It's perhaps the largest batch of email addresses ever found in one spot.
Admitted Mirai malware attacker Daniel Kaye has been extradited from Germany to the United Kingdom, where he faces charges that he launched DDoS attacks and extortion attempts against the U.K.'s Lloyds Banking Group and Barclays banks.
The FDA on Tuesday issued an alert about a voluntary recall by a manufacturer of a network-connected implantable device due to cybersecurity vulnerabilities. Nearly 500,000 of the cardiac pacemakers from St. Jude Medical, now owned by Abbott Laboratories, are in use in the U.S.
Organizations in all sectors "need to look at the CISO role as an executive position with holistic understanding and a more well-rounded background" to help ensure security goals align with business goals, says consultant Ed Amoroso, former AT&T chief security officer.
As CISO at Hearst Corp., David Hahn's security strategy must be mindful of the challenges and brand risks for well-known media properties, including ESPN and Esquire, as well as smaller, lesser-known units within the corporation. Each requires a risk management strategy.
A list of weak credentials for vulnerable Internet of Things devices has prompted a new effort to notify their owners. The fear is of another mass, IoT-fueled DDoS attack along the lines of last year's Mirai attacks.
The FBI has arrested Chinese national Yu Pingan on charges that he was a "malware broker" for a remote-access Trojan called Sakula that was used in the massive breaches of Anthem and the U.S. Office of Personnel Management, among other organizations.
Extradited Canadian national Karim Baratov, who's been accused of helping the Russian intelligence officers who allegedly ordered up the hacking of 500 million Yahoo users' accounts, pleaded not guilty to related charges in a San Francisco federal courtroom.
There's another option for governments trying to overcome the end-to-end encryption barrier: buy a zero-day software exploit. One prominent zero-day broker, Zerodium, has added encrypted messaging apps to its bounty list.
With claims of wanting to dispel "the myth about doping-free football," the Russian-linked hacker group Fancy Bear has released health records related to alleged drug use of more than 150 soccer players worldwide. What's the message they're sending?
Hiring managers will need to get increasingly creative to find talent to fill their vacant information security positions, particularly in a shallow talent pool that is forecasted to get even thinner. Experts in the hiring trenches offer seven key tips to consider.