A hacking group known as APT5 - believed to be affiliated with the Chinese government - has been targeting serious flaws in Pulse Secure and Fortinet SSL VPNs for more than six weeks, security experts warn. Exploiting the flaws could enable attackers to gain full, remote access to targeted networks.
Schools in Flagstaff, Arizona, were closed on Thursday after ransomware appeared on the district's network. Friday's classes were called off while the recovery effort continued.
Bills now being considered in the Congress would make the Department of Homeland Security's Continuous Diagnostics and Mitigation Program available to all federal agencies and provide services to state and local governments to help them address cybersecurity challenges.
With widespread use of Active Directory across industries and organizations of all sizes, it is frequently a target for bad actors who can use a cracking dictionary or exposed credentials to gain unauthorized access to an employee's account.
Account takeover (ATO) attacks result in billions of dollars of fraud and damage to brand reputation each year. These are the costs and risks associated with ATO.
The mayor of New Bedford, Massachusetts, took the unusual step this week of holding a press conference to describe a recent ransomware attack and explain why the city decided not to pay the $5.3 million ransom that was demanded.
The federal tally of major health data breaches has spiked over the last month, mostly because of the American Medical Collection Agency incident, which led to nearly two dozen breach reports from the firm's affected clients.
Representatives from the U.S. intelligence establishment met with security officials of major social media and technology firms this week to help craft the nation's approach to securing the 2020 elections, including facilitating better information sharing and coordination.
A widely used brand of GPS location-tracking devices - for keeping tabs on children, elderly relatives and pets - have security flaws that could allow anyone with an internet connection to track the devices' real-time location and historical movements, warns security firm Avast.
Cyber defense is no longer about staying a step ahead - it's about trying to remain no further than a step behind the adversaries, says Moshe Ishai of HolistiCyber, who shares insights on how to regain an advantage.
In the wake of the HSBC money-laundering scandal, whistleblower Everett Stern founded the intelligence firm Tactical Rabbit. He explains the firm's mission and how the HSBC experience continues to drive him forward.
Google will pay a $170 million fine to settle allegations that its YouTube subsidiary illegally collected personal information about children without their parents' consent, according to the Federal Trade Commission. But some children's right groups and members of Congress say the penalty is far too low.
While hacking incidents grab the top spots on the federal tally of large health data breaches these days, the serious threat of malicious insiders must not be overlooked or underestimated, the HIPAA enforcement agency and security experts warn.
Digital transformation is the buzz across all sectors, but it poses significant security risks to enterprises. PJ Maloney of DXC Technology and William "Buck" Houston of Micro Focus Global Alliances weigh in on new strategies for securing the transformation.
Defining the scope of third-party risk is challenging, says Ted Augustinos of Locke Lord LLP, who discusses compliance with the New York Department of Financial Services' cybersecurity regulation.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.