In an unclassified version of a top-secret report, the U.S. intelligence community says that Russian President Vladimir Putin ordered an influence campaign aimed at undermining public faith in America's democratic process and preventing Hillary Clinton from being elected president.
The KillDisk disk-wiping malware, previously tied to espionage operations, has been updated with crypto-locking capabilities and now targets Linux as well as Windows systems. But security experts warn that attackers using the Linux variant have no way to furnish a decryption key.
The latest episode of the ISMG Security Report focuses on the clash between President-elect Donald Trump and the U.S. intelligence community on whether the Russian government directed the hack of Democratic Party computers to influence the American presidential election.
Hackers will hack, but any attempt to attribute attacks back to an individual, group or state apparatus too often involves political agendas, cybersecurity marketing moves, attempts to deflect blame or outright errors of interpretation.
Hackers have apparently hijacked potentially thousands of vulnerable MongoDB databases and demanded ransoms for the return of critical data, with some victims paying up, according to security researchers.
Determined cyber attackers invade even the best security defenses with the same stealth as wolves creeping up on sheep; if they make themselves known before you spot them, it's too late. Attackers only need to successfully invade once to cause serious damage, but preventing them all is simply not possible.
The Health Insurance Portability and Accountability Act (HIPAA) just celebrated its 20th anniversary in 2016 as one of the most significant pieces of healthcare-related legislation in U.S. history. Once viewed as a "paper tiger," it has taken many years for the full impact of HIPAA's data security provisions to be...
A task force led by two lawmakers and a former U.S. CIO recommends the new administration should jettison outdated ways the federal government tackles cybersecurity, saying in a just-issued report: "Once-powerful ideas have been transformed into clichés."
The lack of a smoking gun - absolute certainty - has some security experts not entirely convinced that the Russians or their backers hacked Democratic Party computers in an attempt to sway the U.S. presidential election.
A U.K. Information Commissioner's report on its investigation into a 2015 TalkTalk breach offers essential information security takeaways for any organization that wants to avoid being breached, says David Stubley of 7 Elements.
In addition to announcing sanctions against Russia for election-related cyberattacks, the Obama administration has declassified technical information on Russian intelligence services' malicious cyber activities in an effort to help thwart additional attacks.
An analysis of a National Institute of Standards and Technology initiative to identify algorithms that could defend encryption against attacks from quantum computers leads the latest edition of the ISMG Security Report. Also featured: An update on new FDA guidance on cybersecurity for medical devices.
From ransomware to targeted social engineering attacks, the threats to healthcare entities have changed enormously. Isn't it time for healthcare's cybersecurity strategy to change too? Aaron Rinehart, the Chief Enterprise Security Architect at Optum, has never seen an industry with quite the urgent cybersecurity needs...
Now that more breaches are targeting industrial control systems, organizations that have paid little attention to operational technology security must ramp up their protection efforts, says breach response expert Christopher Novak of Verizon.