What's one of the worst things that can happen during a pandemic? The answer is anything that gives people less reason to trust in their public health system to handle the crisis. Enter a data breach that has exposed personal information for everyone who's ever tested positive for the disease in Wales.
The U.S. Cybersecurity and Infrastructure Security Agency warns that hacking groups backed by the Chinese Ministry of State Security are exploiting several unpatched vulnerabilities to target federal agencies.
Federal authorities and medical device maker Philips have issued security alerts about security vulnerabilities in some of the company's patient monitoring software. Until patches are available, the company is recommending risk mitigation steps.
Potentially capping a fraught political showdown, China's TikTok, which is owned by Beijing-based ByteDance, has chosen Oracle to be its U.S. "technology partner," rejecting a bid by Microsoft. But Chinese state media suggests reports of a deal might be premature.
New Zealand's stock exchange, NZX, recently fell under a massive distributed denial-of-service attack that was part of an extortion attempt. Security specialist Daniel Ayers breaks down what went wrong and how other organizations can avoid similar issues.
A leaked database compiled by a Chinese company has suddenly become the focus of news media reports warning that it could be used as an espionage instrument by Beijing. But on closer examination, the alleged "social media warfare database" looks like public information largely scraped from social media sites.
A bipartisan bill looks to take some initial steps toward creating nationwide digital identity standards that can address a range of security issues, including theft and fraud stemming from data breaches. The legislation is backed by the Better Identity Coalition.
Independent bug hunters who find flaws in products and services often struggle to hand off their vulnerability report to someone in a position to get it fixed, says longtime security researcher Daniel Cuthbert. He describes steps organizations must take to be able to receive - and act on - bug reports.
A recently uncovered Linux malware variant dubbed "CDRThief" is targeting VoIP networks to steal phone metadata, such as caller IP addresses, ESET reports. The malware appears to be designed for cyberespionage or fraud.
Since March, the operators behind ProLocker ransomware have focused on targeting large enterprise networks with ransomware demands sometimes exceeding $1 million, the security firm Group-IB reports. The gang has recently started to use the Qbot banking Trojan.
The latest edition of the ISMG Security Report analyzes how criminals keep finding new ways to make ransomware victims pay. Also featured: Preventing digital currency counterfeits; a proposed health data privacy framework.
Russian, Chinese and Iranian hackers are targeting organizations and individuals associated with the Republican and Democratic U.S. presidential campaigns, Microsoft reports, noting that the majority of the attacks appear to have been blocked.
Disruption, distortion and deterioration - these cybersecurity threats are amplified by the ongoing pandemic. Which poses the greatest threat and why? We asked this exclusive panel of CEOs and CISOs, and their responses might surprise you.
The security firm Positive Technologies discovered six vulnerabilities in Palo Alto Networks' PAN-OS, the software that runs the company's next-generation firewalls. The firewall developer has issued patches.