Stop me if you think you've heard this one before: Some ransomware attackers are hiding attack code in virtual machines or creating new leaking sites to pressure victims into paying.
A $5 million lawsuit seeking class action status has been filed against Morgan Stanley, claiming the financial organization failed to properly safeguard personally identifiable information when the company discarded old computer equipment.
You built an information security practice that keeps your organization's most valuable data safe and secure in a hostile environment. But now what? How will information security adapt to the new world of dynamic cloud, DevOps, privacy regulations, exploding data volumes, and shortage of security talent?
As...
Federal regulators have slapped the Rhode Island-based health system Lifespan with a $1 million HIPAA settlement tied to a 2017 data breach involving the theft of an unencrypted laptop that potentially exposed the data of 20,000 individuals. It's the largest HIPAA enforcement action so far this year.
A fully secure digital program considers both network and physical security, but that's not all. Employing a holistic approach also considers user convenience, risk mitigation, scalability and integration opportunities. Organizations whose IT and physical security teams collaborate can address the challenge of an...
The concept of "identity is the perimeter" is not new. However, COVID-19 has accelerated the transformation of workforce identity management, forcing organizations to navigate a new reality sooner than expected.
Whether or not they were prepared for it, more organizations are working remotely and utilizing SaaS...
In mere weeks, the healthcare industry was able to leapfrog ahead years in its digital transformation. But at a price to data security, which now faces new kinds of exposure. Zettaset CEO Tim Reilly discusses these vulnerabilities and the future of encryption in the healthcare sector.
Federal agencies will add a layer of security to their websites that use the top-level domain .gov. All the sites eventually will use the HSTS protocol, which ensures that a user's connection to a website is encrypted and can protect against man-in-the middle attacks and cookie hijacking.
Zoom will begin beta testing an end-to-end encryption feature in July that it plans to make available at no charge to all who use the paid or free version of its teleconference platform. It's also rolling out other new security features.
Increasingly, organizations are turning to encryption to help solve multiple security issues, whether it's protecting data, managing risk or meeting government regulations. While managing all these encryption keys can be complex, Brad Beutlich of nCiper Security doesn't believe it has to be this way.
To date, most organisations have had hard boundaries between system administrators and their software development teams, where they occasionally interact, rarely coordinate, and never collaborate. As the needs for collaboration between IT administrators and software developers - both internal and external - continue...
As digital transformation technologies such as containers and connected devices are changing business models, organizations are finding new ways to secure data with encryption. John Grimm of nCipher Security walks through how the use cases for encryption are keeping up with the times.
Ransomware gangs keep innovating: Maze has begun leaking data on behalf of both Lockbit and RagnarLocker, while REvil has started auctioning data - from victims who don't meet its ransom demands - to the highest bidder. Thankfully, security experts continue to release free decryptors for some strains.
For over 2000 years, governments, armies, businesses and lovers have been encrypting messages. For the same amount of time, the keys used to perform the encryption have been the weakest link in the chain. After 2000 years, technology has advanced such that the keys can be protected but many companies don't understand...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
