Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details. In a recent twist, Malwarebytes spotted a malicious iFrame that steps in front of the normal payment process to intercept card details.
Tenable recently teamed with Ponemon Institute on a global study exploring how cyber risk disrupts business operations in both the private and public sectors. The latest report focuses on the public sector, revealing they're at serious risk of cyberattack.
Agency IT security organizations must quickly identify and...
With the number of vulnerabilities on the rise, and their severity increasing, how can you identify the biggest cyber threats to your business - and know what to fix first?
Download the "3 Things You Need to Know About Prioritizing Vulnerabilities" ebook now to:
Discover the 3 critical steps to building an...
In 2017, 15,038 new CVEs were published, up from 9,837 in 2016. Last year, 16,500 new CVEs were disclosed. With vulnerabilities growing year after year, patching every potential threat to your business is a futile exercise. The need to prioritize is clear, but where to start, especially when CVSS categorizes the...
In 2017 the US Department of Homeland Security (DHS) added Election Infrastructure as a cyber-resiliency Critical Infrastructure Subsector under the Presidential Policy Directive/PPD 21 (2013) and raised the profile of elections security substantially. By doing this, DHS empowered states to integrate elections...
Over the past two years, the number of ransomware attacks against state and local government agencies has increased. But at the same time, these victims are paying less to attackers. A new analysis by threat intelligence firm Recorded Future asks: Why the discrepancy?
Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.
A ransomware attack reported by a business associate that impacted more than three dozen clients and nearly 207,000 individuals is among the latest incidents added to the Department of Health and Human Services' data breach tally. Here's the latest health data breach tracking update.
Federal regulators have reached a $3 million HIPAA settlement in a case alleging that a medical imaging services provider delayed investigating and mitigating a breach involving patient information leaking onto the internet via a web server - and delayed notification of victims as well.
Federal regulators and medical device maker Philips have issued alerts about a security vulnerability in the company's Tasy electronic medical records system that could put patient data at risk. How common is this type of vulnerability?
There's good news and there's bad news.
The financial services industry gets phished more than most. How well do banks and other institutions defend themselves? In some respects quite well, but no one should be complacent.
Download this industry brief and learn:
How FinServ maintains an above-average resiliency to...
Healthcare stakeholders and security and privacy experts are sizing up the second draft of the government's Trusted Exchange Framework and Common Agreement, the latest in a decades-long series of attempts to pave the way for secure national exchange of health information to improve patient outcomes.
A "flaw" in the file format of the DICOM standard for communication of medical imaging information could be exploited to hide malware in MRI and CT scans alongside patient data, according to a new research report. But the developer of DICOM contends the feature isn't a flaw and any risks can be mitigated.