Federal regulators are warning healthcare sector organizations about the threat of man-in-the-middle attacks and related risks associated with the use of some Secure Hypertext Transport Protocol, or HTTPS interception products for end-to-end security.
A North Korean IP address has turned up in an investigation by Kaspersky Lab into attacks against banks' SWIFT systems. The finding is a strong indication that the Lazarus hacking group may be run by North Korea.
The number of debit cards compromised after the hacking of ATMs or point-of-sale devices rose by 70 percent in 2016 versus a year prior, according to FICO. What are the causes of the spike?
A Government Accountability Office audit suggests a lack of guidelines led the Office of Personnel Management to provide duplicate identity protection services to about 3.6 million individuals victimized by two 2015 data breaches.
Leading the latest edition of the ISMG Security Report: A breakdown of testimony presented at a Senate Select Committee on Intelligence hearing on Russia's attempt to influence the U.S. presidential election. Also, remembering Trend Micro Chief Technology Officer Raimund Genes.
More than 60,000 servers running Microsoft's out-of-support IIS 6.0 server software may be vulnerable to a newly revealed zero-day exploit. No patch will be produced, but a workaround can blunt an attack.
The FBI recently warned that hackers are targeting FTP servers run by healthcare organizations in order to obtain medical records. New statistics show more than 750,000 FTP servers can be accessed anonymously worldwide.
Two laptops containing as many as 3.7 million voter registration records and other data were stolen from a locked room in Hong Kong. Authorities suspect the theft may be an inside job.
Following the Westminster attack in London, Britain's home secretary scapegoated social networks and end-to-end encryption communications. Is it possible her government has a messy domestic political issue that it's trying to avoid discussing?
Not too fast, not too slow. Notwithstanding regulations and contractual obligations, that's legal and security experts' consensus on how quickly organizations that suspect they've been breached should notify individuals whose information may have been exposed.
Like many other inventions now common in modern life, distributed cybercrime may seem trivial today. But this concept emerged little more than a decade ago and has already dominated the threat landscape.
Microsoft's docs.com service has been an open window to viewing people's personal data. The company appears to have taken some steps to contain the exposure, but those watching closely say sensitive data can still be found via search engines.
A look at experts promoting blockchain as a secure way to share cyberthreat information leads the latest edition of the ISMG Security Report. Also, how sound waves pose a threat to IoT devices, smartphones and medical devices.
With the rapid changes in the threat landscape and the risks introduced by DevOps, the cloud and other new elements, organizations need to have a continuous vulnerability assessment program as a security baseline, says Richard Bussiere of Tenable Network Security.
The U.S. Justice Department is reportedly preparing to charge multiple "Chinese middlemen" with helping to orchestrate the $81 million Bangladesh Bank heist on behalf of North Korea. Security experts have long been reporting that the attack code and tactics appear to trace to North Korea.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.