Cloud services firm Coupa is one of the latest business email compromise victims, after a fraudster pretending to be its CEO faked out the HR department and stole all of its 2016 employees' W-2 forms. Security experts say rigorous training remains the only viable defense.
A federal judge has granted class-action status for a breach-related lawsuit against an Alabama hospital where a former employee stole patient data and was convicted of identity theft. What's significant about the ruling?
A man who allegedly used a smartphone with a Tor proxy and VPN client to hide his online activities has been arrested and charged with narcotics distribution after U.S. Postal Service employees spotted him mailing large numbers of envelopes while wearing latex gloves.
Organizations are shifting from an IT-driven to a business-driven approach to information security, with a focus on minimizing business disruption, says Kartik Shahani of RSA.
Leading the latest edition of the ISMG Security Report: FBI Director James Comey's revelation of a counterintelligence investigation of possible ties between Donald Trump's presidential campaign and Russia's actions to influence the U.S. presidential election.
A recent study by Forrester Research unveils a direct correlation between data breaches and organizations' IAM immaturity. What needs to change? Corey Williams of Centrify offers strategic advice.
As WikiLeaks reaches out to firms about code targeted via CIA attack tools contained in the "Vault 7" document dump, Cisco says its review of the leaked information led to the discovery of a zero-day flaw that affects 318 of its devices, including numerous switches.
A bill introduced in the Senate would require publicly traded companies to disclose to regulators whether any board members have cybersecurity expertise.
Some medical devices, smartphones and internet of things gadgets contain certain types of sensors that are vulnerable to potential hacking using sound waves, says cybersecurity researcher Kevin Fu, who calls on manufacturers to address the risks.
McDonald's home food delivery app in India leaked sensitive personal information relating to 2.2 million users. But the restaurant giant only addressed the insecure API after a researcher went public one month after informing McDonald's about the problem.
With ransomware attackers having already launched attack code with themes ranging from horror movies and Pokemon to Hitler to cats, it was only a matter of time before they decided to beam Star Trek's Kirk and Spock direct to would-be victims' PCs.
When it comes to cybersecurity there are two major vulnerability components - the human and the network. Humans and hardware defined networks are hard to change and secure. With the right software and protocols, securing the network is doable for government agencies.
A look at President Donald Trump's budget blueprint to boost cybersecurity spending in fiscal year 2018 leads the latest ISMG Security Report. Also, Russian agents charged with Yahoo hack; new White House cybersecurity adviser Rob Joyce profiled.
With apologies to Troy Hunt, the last thing you want to see in the morning as you're having your first cup of coffee and scanning the interwebz for cat videos is a notice from his "Have I Been Pwned" breach-alert service.
Britain's GCHQ intelligence agency dismissed as "utterly ridiculous" claims that it conducted surveillance on then-candidate Donald Trump at the request of President Obama. The White House reportedly apologized to the British government for its comments.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.