Locky is back. After falling off the radar last year, the ransomware is once again being distributed via massive spam campaigns - run by the Necurs botnet - in the form of two new variants named Diablo and Lukitus.
The latest edition of the ISMG Security Report leads with a closer look at a new exploit kit and whether it represents a resurgence in these types of criminal packages. Also featured: a discussion of new vehicle security concerns and communications advice for CISOs.
Communication consultant Michael Santarcangelo outlines three key questions CISOs should ask at the outset of any project to convey security's value and clearly set expectations
Employees are still falling for phishing scams leading to major breaches, including those related to ransomware attacks, say federal regulators, who are urging healthcare entities to step up their workforce training and awareness of email schemes.
The Medical Device Innovation, Safety and Security consortium is hoping its new network of labs operated by healthcare entities across the globe for the standardized cyber testing of medical devices will help to greatly reduce risks, say MDISS leader Dale Nordenberg, M.D., and Benjamin Esslinger of Eskenazi Health.,...
A proposed Senate bill aims to bolster the cybersecurity of medical devices, including creating a report card that provides transparency about a device's "cyber capabilities" and results from cyber risk assessments and testing. Does bill overlap with work already underway?
Britain's home secretary claims that "real people" don't really want unbreakable, end-to-end encryption - they just like cool features. Accordingly, she asks, why can't we just compromise and add backdoors, thus breaking crypto for everyone?
It's tough to find the right cybersecurity professionals to hire. Ben Chung, CISO at NTT Communications ICT Solutions, a global IT provider, describes how he narrows down candidates.
Most large organizations at least pay lip service to breach preparedness. But when it comes to proper policies, planning and practice, far too many still fall short, says Stuart Mort of the Australian telecommunications firm Optus. Here's what they are overlooking.
Security comes to Las Vegas this week in the form of Black Hat USA 2017. Hot sessions range from an analysis of power grid malware and "cyber fear as a service" to details of two major hacker takedowns and how the world's two largest ransomware families cash out their attacks.
In an in-depth interview, two security experts go head-to-head over the appropriateness of the White House engaging the Kremlin on cybersecurity matters in light of Russia's hacking of the 2016 U.S. presidential election.
The plaintiffs who are suing Donald Trump's presidential campaign for conspiring with Russia and WikiLeaks over disclosing their private information stolen from Democratic Party computers could declare a moral victory even if they lose their case. Could exposing the truth be their ultimate goal?
The workforce of information security analysts in the United States has exceeded 100,000 for the first time, more than doubling since the Department of Labor's Bureau of Labor Statistics began publishing full-year statistics for the occupation category in 2012.
Kudos to the breached business - in this case, kiosk manufacturer Avanti Markets - that quickly alerts victims and gives them actionable information for protecting themselves. Unfortunately, not all breached businesses are so forthright, as some recent data leaks demonstrate.
Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.