A roundup of the just-concluded ISMG Fraud and Breach Prevention in Toronto leads the latest edition of the ISMG Security Report. Also, how one CISO gets his security message across to the board and the challenges CISOs face during their first 100 days on the job.
The handling of a recent data breach - the details of which are still unfolding - by Oakland, Calif.-based web services company Regpack provides a look into how the discovery and disclosure of a breach can turn into a real train wreck.
Microsoft has released a slew of security fixes to patch critical vulnerabilities, including in its IE and Edge browsers. One zero-day flaw, fixed via a Microsoft Office patch, has been exploited in the wild for more than two years.
Fancy Bear strikes again: the suspected Russian hacking group released confidential medical records for four U.S. Olympic athletes, falsely contending the documents prove illegal drug use by the Olympians.
The cybercrime sector involves a rapidly growing services economy that provides everything from bulletproof hosting and stresser/booter DDoS on demand, to ransomware-as-a-service and sites that offer to launder bitcoins via a process known as tumbling.
Is recently issued guidance from federal healthcare regulators clarifying when a ransomware attack needs to be reported starting to have an impact? Two recent breach notifications could be an early indication that the answer is yes.
SentinelOne, one of a batch of vendors using machine learning to conquer malware, says it will not integrate its behavioral detection engine into Google's VirusTotal service. CEO Tomer Weingarten claims the investment wouldn't provide a worthwhile return.
Recent data breaches involving mental health and substance abuse information highlight some of the special challenges that organizations can face in protecting extra-sensitive patient records. In one incident, stolen patient data was reportedly posted on the dark web.
Two men allegedly tied to the hacking group "Crackas With Attitude" have been arrested as part of an investigation into hacks of U.S. government systems and senior government officials, including CIA Director John Brennan's personal AOL email account.
Wells Fargo will pay $185 million in fines over employees illegally subscribing customers to banking products they didn't request - creating 2 million ghost accounts in the process - in what appears to be one of the largest cases of identity theft ever recorded.
Cyber threat information sharing in the healthcare sector urgently needs to be standardized so organizations can take appropriate action based on the intelligence, says Jeffrey Vinson, CISO of Harris Health System, who discusses findings emerging from ongoing federally funded research.
Chipmaker Intel will spin out its Intel Security unit - once again named McAfee - with a value that's markedly lower than what it paid. Meanwhile, long-gone founder John McAfee is suing for the right to launch a new security company bearing his name.