Two years after WannaCry wreaked havoc via flaws in SMB_v1 and three years after Mirai infected internet of things devices en masse via default credentials, attackers are increasingly targeting the same flaws, security experts warn.
The ransomware blitz against the healthcare sector continues: A Utah clinic has reported an attack that potentially affected 320,000 patients, making it one of the largest breaches of its kind so far this year.
A mishap involving the mailing of breach notification letters has led a Tennessee hospice to issue a "corrective" privacy breach notification. The incident is yet another example of why healthcare organizations need to carefully scrutinize their breach response and notification processes.
Cybercrime is surging thanks, in part, to the availability of inexpensive hacking tools and services. A recent look by security firm Armour at black market offerings finds stolen payment card data, RDP credentials, ransomware and DDoS services are widely available for sale.
Apple is criticizing recent Google research that describes an expansive iPhone hacking campaign, accusing Google of "stoking fear" among users of its products. Google says it stands by its blog post, which focused on technical findings.
Federal regulators have recently issued three advisories on cybersecurity vulnerabilities identified in medical devices. Some experts say the spotlighted flaws are issues commonly found in legacy medical devices as well as other IT products.
Three weeks after a ransomware attack slammed 22 Texas municipalities' systems, state officials say more than half of the cities have returned to normal operations and the rest have advanced to system restoration. Meanwhile, officials have shared lessons learned for managed service providers and customers.
Paige A. Thompson, who prosecutors allege hacked into Capital One's network to access millions of credit card applications, has pleaded not guilty to federal computer crime charges. Her tentative trial date is Nov. 4.
This week's ISMG Security Report takes a close look at whether an iPhone hacking campaign may be linked to Android spying campaigns by China. Plus: Do ransomware gangs target organizations that have cyber insurance?
With widespread use of Active Directory across industries and organizations of all sizes, it is frequently a target for bad actors who can use a cracking dictionary or exposed credentials to gain unauthorized access to an employee's account.