Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
The workforce of information security analysts in the United States has exceeded 100,000 for the first time, more than doubling since the Department of Labor's Bureau of Labor Statistics began publishing full-year statistics for the occupation category in 2012.
Kudos to the breached business - in this case, kiosk manufacturer Avanti Markets - that quickly alerts victims and gives them actionable information for protecting themselves. Unfortunately, not all breached businesses are so forthright, as some recent data leaks demonstrate.
"Fake news" isn't just a political concept. It's also a component of the marketing hype about Europe's General Data Protection Regulation, says Jonathan Armstrong of the law firm Cordery. How can security leaders cut through the hype and focus on what's truly important to their business?
In the wake of the reported FBI probe into Moscow-based Kaspersky Lab, here's a question: Could a government compel a domestic cybersecurity firm to ignore state-sponsored malware, or even add backdoors to its software or hardware products, without getting caught?
The recent proposed settlement of a class action lawsuit against health insurer Anthem following a 2015 cyberattack impacting about 79 million individuals is significant for several reasons, says attorney Steven Teppler of the Abbott Law Group, who analyzes the deal.
Worried about the use of encryption by terrorists, Australia plans to lobby its key signal intelligence partners at a meeting in Canada for the creation of new legal powers that would allow access to scrambled communications. But Australia says it doesn't want backdoors. So what does it want?
Opportunistic attackers may have breached some Parliament email accounts by brute-force guessing their way into accounts with weak passwords. But such a breach is hardly the "cyberattack" some are making it out to be.
The back story behind the ransom attack that led to the unauthorized early release of the Netflix series "Orange Is the New Black" is a cautionary tale in dealing with cyber extortionists such as The Dark Overlord.
The long-running data security dispute between cancer testing laboratory LabMD and the Federal Trade Commission is now in the hands of a panel of appellate court judges, who heard oral arguments this week. Experts weigh in on the significance of the case.
Microsoft has sought to get in front of a brewing controversy over whether it unfairly disables third-party anti-virus products in Windows 10. The company is seeking to dampen charges that are reminiscent of its years-long legal tangles with global antitrust regulators.
Writing the obituary for the lifeless Neutrino exploit kit leads the latest edition of the ISMG Security Report. Also, judging the value of the Department of Health and Human Services' wall-of-shame website of healthcare sector breaches.