Canada Post, the nation's primary postal operator, reports that personal information on almost 1 million of its customers was compromised when one of its vendors suffered a ransomware attack last year.
A federal $25,000 HIPAA settlement with a clinical laboratory is significant because it calls for a wide-ranging corrective action plan. And the enforcement action is unusual because it's the result of a compliance review of a covered entity not directly tied to the data breach that triggered the investigation.
More than five months after the SolarWinds supply chain attack came to light, federal agencies continue to struggle with supply chain security, according to a top GAO official who testified before a House committee.
VMware is warning all vCenter Server administrators to patch their software to fix a serious vulnerability that could be used to execute arbitrary code as well as a separate authentication flaw. Experts warn that these and other recent flaws are likely to be targeted by ransomware gangs.
Network intrusion displaced phishing as the leading hack-attack tactic last year, while ransomware continued to surge as the pandemic complicated incident response efforts, says BakerHostetler's Craig A. Hoffman, who describes trends from the 1,250 incidents his firm helped manage.
To unlock the value of quantum computing, two systemic risks - tech governance and cybersecurity - need to be overcome, says William Dixon of the World Economic Forum.
The Hydra darknet marketplace, which initially focused on narcotics sales, now also offers stolen credit cards, SIM cards, VPN access and cryptocurrency laundering services, with annual sales exceeding $1 billion, according to a new research report, which explains the market's tactics.
Fintech firms offer established financial services companies the ability to navigate the open banking revolution, but convincing them to rely on emerging cloud, container and other technologies requires flexibility and salesmanship, says Finleap Connect's Francis McGillicuddy.
Driving employees to make cybersecurity a core part of their work vision and mindset continues to be a challenge. Anne Hännikäinen, CISO of Fintraffic, describes essential best practices, from having senior leadership on board to facilitating better communication via such strategies as gamification.
As the head of product security for LeanIX, Michael Lines is primarily focused on risk management, risk assessment and data governance. He tells why he believes that more security leaders and CISOs should focus on risk.
As both a CISO and CTO, Tim Heger is in the unique position of shaping HealthBridge's approach to security as well as adopting new technologies to keep the organization on the cutting edge. In his spare time, he helps mentor and encourage startups.
Diego Souza's main responsibility as the global CISO at Cummins Inc. is focusing on the gap between IT and OT security and effectively communicating risk and other security issues to the board. But his passion is developing and mentoring the next generation of cybersecurity leaders.
Researchers at Trend Micro say that about 50,000 IPs have been compromised across multiple Kubernetes clusters in a wormlike attack by the cloud-focused cryptojacking group TeamTNT.
Carl Pei, co-founder of OnePlus, a smartphone company, said Tuesday that his Twitter account had been compromised via a third-party app called IFTTT and a tweet had been injected via his profile for an apparent cryptocurrency scam.
A Detroit man is the fourth individual to plead guilty in connection with hacking human resources databases at the University of Pittsburgh Medical Center and stealing the personally identifiable information of more than 65,000 UPMC employees, some of which was used to commit federal income tax fraud.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.