A lawsuit alleges that a security flaw in a Google COVID-19 contact-tracing tool is exposing personal and medical information of millions of users to third parties through device system logs. But Google says it reviewed the issue, updated code and is ensuring the fix is rolled out to users.
A coalition of government agencies and security firms has released a framework for how to disrupt ransomware attacks that calls for expanded regulation of the global cryptocurrency market to better track the virtual coins paid to cybercriminals during extortion schemes.
A bipartisan group of lawmakers has introduced a legislative proposal that would create a program, similar to the National Guard, to deploy those with tech and security skills during significant cyberthreats, such as the recent SolarWinds and Microsoft Exchange attacks.
He’s been an Air Force general, a CEO and the first federal CISO. Now Gregory Touhill is taking charge as director of the Carnegie Mellon University Software Engineering Institute's CERT Division. And he’s bringing all his past experience to bear in a new effort to forge partnerships and protections.
The U.S. Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology have released a report providing insights on how to enhance supply chain security in the wake of the SolarWinds attack.
The federal ban on funding for a national unique patient identifier adds to the complexity of customer identity and access management, especially when dealing with new patients during the COVID-19 pandemic, says Aaron Miri, CIO at UT Health Austin.
Several bipartisan congressional initiatives are seeking to expand the mission of the U.S. Cybersecurity and Infrastructure Security Agency. Here's a rundown of the details.
The Babuk ransomware gang is taking credit for an attack against the Metropolitan Police Department of Washington, D.C., and threatening to post exfiltrated data if a ransom is not paid. The department confirms that attackers accessed its network, but it's offering no further details.
The FBI has shared 4.3 million email addresses stolen by the Emotet malware with the Have I Been Pwned breach notification site. The entry of those addresses into the site increases the chance that those infected with Emotet can take remediation actions, such as changing passwords.
COVID-19 infections and death rates are down in the United States, and the percentage of vaccinated citizens is rising. Does this mean the end of the pandemic is finally in sight? Not quite, says continuity planning expert Regina Phelps, who explains why.
Dan Kaminsky, a renowned security researcher, died last week at age 42. He gained cybersecurity fame in 2008 after discovering and helping to coordinate a patch for a massive security flaw in the internet's Domain Name System.
Ransomware continues to prove a reliable moneymaker for criminals, with the average cyber extortion payoff rising to $220,298, reports ransomware incident response firm Coveware. Zero-day attacks and shakedowns targeting Accellion File Transfer Appliance users helped boost criminals' profits.
A series of cyber incidents targeting a Swedish vendor of oncology radiation systems earlier this month is still affecting some of the company's clients - including cancer treatment facilities in the U.S. - because the company has taken its cloud-based systems offline during its recovery effort.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.