The FBI has created a new policy to give "timely" breach notifications to state and local officials concerning election hacking and foreign interference. The updated guidelines look to correct some of the mistakes in the run-up to the 2016 presidential election.
Five years ago, cybersecurity executive Dave Merkel called upon enterprises to shed their "peacetime" mindsets and adopt a "wartime" stance against persistent cybercriminals and nation-state actors. How have they risen to that challenge?
Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequently the result of vulnerabilities that could have been fixed for a relatively low cost. A a brute force penetration test is a critical first step in finding those vulnerabilities.
Protecting enterprise networks from attackers boils down to the same thing: Unless organizations get the basics right, they're sitting ducks. That's a top takeaway from experts warning that Iran will likely retaliate with cyberattacks after one of its senior military leaders was killed by a U.S. drone strike.
Data breaches can happen to any organization, so it's important to understand your organization's risk of a data breach. But where should you start your assessment? What practical and pragmatic steps can you take?
Register for this live webinar on data breach myths vs. realities and you will learn about:
Why...
Future trustworthy and secure cyber systems need to be able to operate even in a degraded state. Ron Ross of NIST details the components of a new publication on cyber resiliency.
The federal tally of health data breaches shows that hacking attacks and incidents involving business associates dominated this year. Here's an analysis of all the latest trends.
A common misconception about the "zero trust" model is that once it's deployed, network security is no longer required, says Steven Hunter of Forescout.
A clear theme Wednesday throughout the first day of the Black Hat Europe conference was the importance of approaching the design and defense of networks and systems by thinking like the enemy.
Virtual Care Provider Inc., which provides cloud hosting and other services to more than 110 healthcare entities, including nursing homes and assisted living facilities, is struggling to bounce back from a ransomware attack in which hackers demanded a $14 million ransom.
Two rules proposed by federal regulators could provide significant help to strengthen cybersecurity in the healthcare ecosystem, says regulatory attorney Julie Kass of the law firm Baker Donelson.
Two recent reports issued by separate watchdog agencies spotlight data privacy and security challenges at the Department of Veterans Affairs. What were the critical concerns?
The Australian Parliament's computer network was compromised in January after politicians browsed a legitimate website that was compromised. The watering-hole style attack resulted in a small amount of non-sensitive data being revealed, according to the leader of the Senate.
Senator Mark Warner, D-Va., is scrutinizing the Department of Health and Human Services' Office for Civil Rights' response to the recent discovery by German researchers of millions of patients' medical image files being exposed on the internet - including by a U.S. company.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
