A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions. But the vulnerability was patched before hackers took advantage of it, researchers believe.
Britain's privacy watchdog has proposed a record-breaking $230 million fine against British Airways for violating the EU's General Data Protection Regulation due to "poor security arrangements" that attackers exploited to steal 500,000 individuals' payment card data and other personal details.
HSBC paid a record $1.92 billion fine for money laundering violations in 2012. But no one ever went to jail for the crimes. Whistleblower Everett Stern discusses lessons learned from the case and the concept of "too big to jail."
Déjà vu basic cybersecurity challenge all over again: With the U.S. government warning that geopolitical tensions could trigger wiper-attack reprisals, security experts review the basic anti-wiper - and anti-ransomware - defenses organizations should already have in place.
Healthcare information is a prime target for malicious attackers because it has a high value on the black market, says Amanda Rogerson of Duo Security, who calls for adoption of a "zero trust" model to boost security.
A distributed denial-of-service attacker who crashed a popular gaming service at Christmas has been sentenced to serve 27 months in prison. Austin Thompson has also been ordered to pay $95,000 in damages to Daybreak Games.
A recent $3 million bank heist in Bangladesh is likely the handiwork of "Silence," a Russian-speaking gang known for its slow and methodical attacks against banks and ATMs, according to an analysis by security firm Group-IB.
The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft Outlook to plant remote access Trojans or other types of malware within government networks. Some researchers say the exploits could be tied to an Iranian-backed threat group.
D-Link has reached a proposed settlement with the U.S. Federal Trade Commission, which alleged the IoT device developer left consumers vulnerable to hackers through inadequate security practices. The terms of the settlement may serve as a warning to IoT makers to get their security checks in order.
Malicious actors are increasingly using social media platforms to spread malware to unsuspecting victims. In the latest incident, Facebook removed more than 30 pages from its platform after security analysts with Check Point Research found that a hacker had loaded them with malware.