Hackers have repeatedly stolen valuable data - including launch codes and flight trajectories for spacecraft - from NASA's Jet Propulsion Laboratory in recent years, according to a new inspector general audit, which describes weak security practices.
The early days of email attacks - so much noise in the form of malware, spam and links - have given way to attacks that often rely on little more than words, and email gateways often struggle to arrest social engineering ploys, says Michael Flouton of Barracuda Networks.
Many cybersecurity tools are designed to block or allow specific activities based on prescribed rules, but with insider breaches continuing, enterprise protection also requires real-time reaction to actual user behavior, says Carl Leonard of Forcepoint.
The city of Riviera Beach, Florida, has agreed to pay hackers about $600,000 in bitcoin to end a ransomware attack that crippled the city's IT infrastructure for nearly a month. In another recent incident, Baltimore refused to pay a ransom after an attack and faces $18 million in recovery costs so far.
Bad news for anyone who might have hoped that the data breach problem was getting better. "Anecdotally, it just feels like we're seeing a massive increase recently," says Troy Hunt, the creator of the free "Have I Been Pwned?" breach-notification service. Unfortunately, he says, the problem is likely to worsen.
A group of 22 state attorneys general, mainly from Democratic-leaning states, are demanding Congress offer local officials more support - including grants and equipment standards - to improve election infrastructure security in the run-up to the 2020 presidential contest.
The parent company of American Medical Collection Agency has filed for bankruptcy in the wake of a data breach affecting millions of patients. The filing provides an inside look at the "cascade of events" and financial havoc wreaked by a security incident.
With Facebook now officially preparing to launch its own cryptocurrency, Libra, in 2020, the social media giant is facing a privacy and security backlash both in the U.S. and Europe. Lawmakers and regulators are raising concerns about the offering based on the company's poor history of protecting user data.
A new report from Accenture highlights five key areas where cyberthreats in the financial services sector will evolve. Many of these threats could comingle, making them even more disruptive, says Valerie Abend, a managing director at Accenture who's one of the authors of the report.
The annual Infosecurity Europe conference this year returned to London. Here are visual highlights from the event, which featured over 240 sessions and more than 400 exhibitors, 19,500 attendees and keynotes covering data breaches, darknets, new regulations and more.
Xenotime, the group suspected of launching the Trisis malware attack in Saudi Arabia during 2017, has over the past few months shifted its focus beyond the oil and gas industry to target electrical plants and utilities, security firm Dragos reports.