Federal regulators have issued a warning to healthcare sector organizations about a phishing email campaign that pretends to be compliance audit communications from the nation's top HIPAA enforcer. But who's really sending out these emails?
The latest ISMG Security Report leads with a look at the ransomware attack against San Francisco's light rail agency. Also featured is an analysis of the ongoing fallout from Australia's online census project.
Score one for preparation: In the wake of a ransomware attack that infected 900 workstations, the San Francisco Municipal Transportation Agency says it's restoring affected systems, vowing to not give the attackers a single bitcoin of their ransom demand.
As more organizations take advantage of cloud computing, it's essential that they set precise security expectations with their vendor partners, Carson Sweet of CloudPassage says in this video interview.
The U.S. Navy is set to begin notifying more than 130,000 current and former sailors that their personal information was "accessed by unknown individuals" after a Hewlett Packard Enterprise Services employee lost a laptop.
IBM will pay an unspecified amount to the Australian government for the vendor's role in the technical problems related to the recent online census, which dented public confidence in large-scale IT projects.
Cybercriminals broke into the payment card processing system used by the Madison Square Garden Co., owner of Radio City Music Hall and other iconic entertainment venues, harvesting payment card details for nearly a year.
Soltra Edge, the automated threat intelligence sharing platform that had been slated to be phased out, has been rescued by NC4, a cyber threat intelligence firm that has purchased the platform, Bill Nelson of FS-ISAC explains in this exclusive audio interview.
In the 13th HIPAA enforcement action this year, federal regulators have slapped the University of Massachusetts Amherst with a $650,000 financial settlement and corrective action plan after investigating a relatively small 2013 breach involving a malware infection at a campus speech and language center.
So, if 2016 was the year when mobile security threats finally started to materialize and mature, what can we expect to see in 2017? Tom Wills of Ontrack Advisory shares insight on the mobility threatscape and new enterprise solutions.
After complaints from merchants and an update from the Fed, Visa has modified debit routing rules, noting that merchants can route U.S. EMV debit transactions through any of more than a dozen available networks, and not just Visa's. The move could have implications for chip-and-PIN use.
Three Mobile, one of the largest U.K. mobile providers, saw more than 132,000 accounts breached in a scam in which fraudsters ordered new devices for customers and then tried to intercept the deliveries.
Vulnerable firmware has been highlighted again in a range of low-cost Android phones, raising concerns over their security. This latest incident comes 11 months after security analysts first raised flags.
Cloud-based services can be both a "blessing and curse" when it comes to dealing with security, says John Houston, CISO and associate counsel for the University of Pittsburgh Medical Center, who explains why in this video interview.