"The Dark Overlord," a hacker who has been advertising batches of personal and medical records supposedly stolen from U.S. healthcare organizations, claims to have a new victim: a large developer of healthcare software.
There's often a dangerous trade-off made between convenience and security. That's illustrated no better than by a recent issue patched by Microsoft. It's an attack so devilishly smooth that it's a wonder hackers had not figured it out before.
While many banks and merchants in Britain, France and Germany have long complied with the PCI Data Security Standard, deregulation has led organizations in other European countries to start taking PCI compliance more seriously and use it for competitive advantage.
The Chinese government likely was responsible for the hacking of computers at the Federal Deposit Insurance Corp. in 2010, 2011 and 2013, according to a new congressional report. Also, a new audit from the FDIC inspector general criticizes the agency for continued lax information security practices.
How low will ransomware go? New malware - dubbed Ranscam - demands bitcoins to unlock files, but in reality they've already been deleted, researchers warn. As always when it comes to defending against ransomware, preparation pays.
The Obama administration has unveiled a federal cybersecurity workforce strategy that calls for identifying, recruiting, developing, retaining and expanding "the best, brightest and most diverse cybersecurity talent" for federal service. But are those goals realistic?
Ransomware is devastating, and current security software doesn't do a great job of stopping it. But researchers say ransomware's behavior - quickly encrypting large volumes of files before users have time to react - could be the key to solving this epidemic.
In the wake of the controversy over Hillary Clinton's use of private email servers, President Obama voices his concerns about the state of federal government IT security in this edition of the ISMG Security Report.
Omni Hotels & Resorts is warning customers that for six months, hackers infiltrated its networks and used point-of-sale malware to steal payment card data. One security expert says more than 50,000 stolen cards have been sold by a hacker called JokerStash.
The release this week by the PCI Security Standards Council of a new PCI compliance resource for small merchants is being lauded by the banking and payments community. But how effective will the resource be at actually convincing merchants to move forward with PCI compliance?
Interbank messaging service SWIFT will begin collecting and sharing anonymized attack information and offering incident-response services - backed by Fox-IT and BAE Systems - to help hacked banks. But will financial institutions buy in?
Nationwide fast food chain Wendy's has revised from 300 to 1,025 the number of restaurants that suffered payment card compromises. Investigators say the breach was more severe than they first believed, and involved two separate waves of point-of-sale malware attacks.
Security vendors are issuing warnings about two new types of dangerous Mac malware - Eleanor and Keydnap - which serve as a reminder that it's not just Windows users coming under fire from malicious software developers and tricksters.
Forget the 2015 mega-breach, an ongoing FTC probe or multiple class-action lawsuits: A new leadership team wants to reboot infidelity-focused online dating website Ashley Madison, promising that this time they'll get security and privacy right.
Endpoint protection vendors compete fiercely for customers, and allegations of impropriety are common among rivals. The latest battle pits Sophos against Cylance. Whose version of the story is the truth?