A Texas-based pediatric practice is the latest healthcare entity to report a major data breach following a recent ransomware attack, despite the organization's efforts to mitigate the incident quickly.
Legislation to direct the National Institute of Standards and Technology to create a set of tools, best practices and guidance to help small businesses protect their digital assets is heading to the U.S. Senate.
Federal regulators are warning healthcare sector organizations about the threat of man-in-the-middle attacks and related risks associated with the use of some Secure Hypertext Transport Protocol, or HTTPS interception products for end-to-end security.
A North Korean IP address has turned up in an investigation by Kaspersky Lab into attacks against banks' SWIFT systems. The finding is a strong indication that the Lazarus hacking group may be run by North Korea.
The FCC is warning that a scam focuses on tricking people into saying the word "yes" on the phone, which fraudsters record and later reuse as a voice signature in an attempt to make fraudulent charges on utility or credit card accounts.
Brexit is off to a messy start, with Britain making law enforcement intelligence sharing - including Europol and European Cybercrime Center participation - a bargaining chip in its EU divorce proceedings. Some European officials have slammed the move as blackmail.
A scareware campaign has been locking iOS devices with faux ransomware, demanding a payoff via virtual iTunes gift cards, security researchers warn. A fix for the exploited iOS flaw is included in a massive batch of product patches and updates released by Apple.
Google has run out of patience with Symantec's digital certificate business. It has outlined a plan that over time will have its Chrome browser reject all of Symantec's existing digital certificates and force all of its future certificates to be reissued every nine months.
Following last week's Westminster attack in London, British Home Secretary Amber Rudd is demanding that police and intelligence agencies be given on-demand access to end-to-end encrypted communications services such as WhatsApp.
WikiLeaks has released a second batch of CIA attack tools, dubbed Dark Matter, which includes malware designed to exploit Mac OS X and iOS devices. But Apple contends the attacks target vulnerabilities in its software that have long been patched, so users are not at risk.
Strong doubts have emerged over an unknown hacking group's claim that it has captured credentials for 627 million Apple iCloud accounts. A very public, ham-fisted attempt to get a $75,000 ransom has raised suspicions.
Cloud services firm Coupa is one of the latest business email compromise victims, after a fraudster pretending to be its CEO faked out the HR department and stole all of its 2016 employees' W-2 forms. Security experts say rigorous training remains the only viable defense.
Password manager LastPass has deployed a server-side fix to repair a vulnerability that could have allowed an attacker to steal a victim's passwords. It's the latest finding from Tavis Ormandy of Google's Project Zero, who's since reported another flaw in LastPass.