Writing the obituary for the lifeless Neutrino exploit kit leads the latest edition of the ISMG Security Report. Also, judging the value of the Department of Health and Human Services' wall-of-shame website of healthcare sector breaches.
Clothing retailer Buckle says malware installed on its point-of-sale systems apparently stole customers' payment card details for nearly six months. Buckle's warning, which follows a breach alert from Kmart, shows the fight against payment card fraud is far from over.
Sixty-five percent of security leaders consider their organizations' security postures to be above average or superior. But only 29 percent are very confident in their security controls. Neustar's Tom Pageler analyzes results of Strategic Cybersecurity Investments Study.
Britain's security services have reportedly concluded that the WannaCry ransomware outbreak was launched by Lazarus group, a hacking team tied to North Korea. Attribution aside, security experts question how many organizations can defend themselves against Lazarus attacks.
The CEO of the company that crippled WannaCry's ransomware component explains to Congress how the worm continues to attack unpatched systems at increasing rates. Also, creating a healthcare cybersecurity framework.
Good news: The Neutrino exploit kit - once a major exploit kit player - appears to have disappeared from the cybercrime scene. While it's unclear if Neutrino is gone for good, rivals have already filled any gaps in the market.
The U.S. government on Wednesday issued its most direct and technically detailed advisory about North Korea's hacking activity to date, warning that the country continues to target U.S. media, aerospace, financial and critical infrastructure sectors.
Victims of Jaff and EncrypTile ransomware can take advantage of two new free tools from security firms that exploit weaknesses in the malware crypto to forcibly crack encrypted files on demand - no potential ransom-payment required.
Microsoft fears that nation-state actors may unleash viral code that could devastate users. On Tuesday, it released software fixes again for its older operating systems in hopes of averting a repeat of last month's infection of tens of thousands of computers with ransomware.
Police in Europe have dismantled a cross-border gang devoted to perpetrating payment card fraud that they say used card skimmers, micro cameras and other devices to harvest payment card data from at least 3,000 victims.
Two security firms have investigated what they describe as a malware platform for attacking the industrial control systems that run electricity plants. They warn that the platform was the likely culprit behind the December blackouts in Ukraine.
Banks that collectively own SWIFT saw their profits vanish last year as the organization increased its investments in information security, even as the interbank messaging service handled record volumes of money-moving messages.
New details have emerged relating to the 2015 hack attack against French broadcaster TV5Monde, which resulted in multiple television channels going dark as well as social media channels run by the broadcaster being hijacked and used to spew purported jihadist propaganda.
HHS has issued a checklist and other materials to aid healthcare organizations and their vendors in their "quick response" to cyberattacks. The move comes as Congress scrutinizes HHS' efforts to help the healthcare sector improve its cybersecurity capabilities.
Former FBI Director James Comey trickled out new details during a Senate Intelligence Committee hearing about what the FBI knew and when regarding Russia's alleged cyber intrusions. We've rounded up the details.