Asked in a press conference if he would denounce Russia for interfering in U.S. elections, President Trump responded with a conspiracy theory about a missing DNC server. Some security experts say Trump's response was nonsense and flies in the face of good digital forensics and incident response practice.
A Spanish consumer rights organization says telecommunications company Telefónica has fixed an elementary security error in its Movistar website that potentially exposed billing invoices for millions of customers. Telefónica says it hasn't detected fraudulent use of the data.
Medical laboratory testing firm LabCorp is investigating a weekend cyberattack on its IT network, which resulted in the company taking certain processes offline. The attack is just the latest cyber assault on the healthcare sector.
Traditional server security controls were not built for ransomware, cryptojacking and other modern attacks. Paul Murray of Sophos discusses deep learning, anti-exploit technology and other key elements of the new wave of server defenses.
The hacking of an email account of a medical clinic employee during travels overseas demonstrates the risks posed to data when workers travel. Security experts offer insights on mitigating those risks.
Timehop, the social media app that resurfaces older social media posts for entertainment, says its ongoing investigation has revealed that an attacker may have compromised more personal information than it previously suspected over the course of a breach that lasted at least seven months.
Known losses due to business email compromise have exceeded $12.5 billion worldwide, the FBI's Internet Complaint Center reports, adding that fraudsters are increasingly targeting the U.S. real estate sector with such scams.
As part of a sweeping plan to "modernize" Medicare, federal regulators are also proposing to expand reimbursements for telehealth services. But what are the potential privacy and security concerns that healthcare providers need to address if they offer more telehealth services for patients?
The latest edition of the ISMG Security Report features a discussion of California's groundbreaking new privacy law as well as an update on the potential impact of the hacker group responsible for the Ticketmaster breach.
Magecart, the criminal group behind the recent data breach at certain Ticketmaster websites, may have also hit the company's sites in Australia, New Zealand, Turkey and Hungary, according to RiskIQ, which says the group's digital payment card skimmers may also affect as many as 800 other e-commerce sites.
Timehop, an application that revives older social media posts, says the lack of multifactor authentication on a cloud services account led to a data breach affecting 21 million users. The breach exposed names, email addresses, phone numbers and access tokens Timehop used to read information from accounts.
Australian medical booking platform HealthEngine offered AU$25 (US$19) gift vouchers to dental patients who sent photos of their treatment invoices to the company, which it positioned to patients as "invaluable" research. Privacy experts say the company may have fallen afoul of Australian privacy guidelines.
While California already had some of the strictest and most varied privacy laws in the country, the new California Consumer Privacy Act of 2018 "is a whole new ballgame," says privacy attorney Kirk Nahra, who explains why.
A new initiative by the Cyber Readiness Institute aims to promote best cybersecurity and vendor risk management practices to smaller enterprises. RiskRecon founder and CEO Kelly White offers his perspective on converting standards to practices.