Russian police have arrested more suspected members of a cybercrime gang that used "Lurk" malware to steal nearly $30 million from Russian banks. Separately, a lead cybersecurity investigator's arrest on treason charges appears to be chilling cross-border cooperation.
Exploit kits are out and phishing emails are in for attackers who are attempting to infect victims with ransomware, according to new research. Unfortunately, the volume of phishing - and thus ransomware - attacks continues to grow.
With great efficiencies and cost savings also come great threats and fraud risks. This is today's digital reality, and it is why cybersecurity and the user experience need to be aligned to create digital trust, says Scott Clements of VASCO Data Security.
This edition of the ISMG Security Report debunks recent reports suggesting that Austrian hotel guests were locked into - and out of - their rooms by ransomware. Also, would a cybersecurity executive order from U.S. President Donald Trump advance the nation's existing efforts?
Four years after a messy legal battle sparked by Edward Snowden using its service, the secure email provider Lavabit is back with a new platform designed to provide better privacy protection - users can select from "trustful," "cautious" or "paranoid" modes - by encrypting both email content and metadata.
Information security researchers have charted a steep decline in Locky ransomware and Dridex banking Trojan distribution in recent weeks. While that's good news, it may only reflect that a cybercrime gang is on vacation.
In a reminder that healthcare organizations continue to be targeted by more than just crypto-locking extortionists, a cyberattack against an NHS trust didn't involve ransomware - as some initial reports suggested - but rather a never-before-seen Trojan.
Dutch police reveal they arrested an e-commerce website developer on charges of installing backdoors that allowed him to siphon 20,000 email addresses and passwords, which he then allegedly used to commit fraud using some old-school tactics.
Rudy Giuliani, the former New York mayor who's been tapped by U.S. president-elect Donald Trump to lead a cybersecurity corporate outreach program, runs a security consulting firm with a website that's been given a failing grade for its security.
The KillDisk disk-wiping malware, previously tied to espionage operations, has been updated with crypto-locking capabilities and now targets Linux as well as Windows systems. But security experts warn that attackers using the Linux variant have no way to furnish a decryption key.
Hackers have apparently hijacked potentially thousands of vulnerable MongoDB databases and demanded ransoms for the return of critical data, with some victims paying up, according to security researchers.
For the second year in a row, the vast majority of health data breach victims were affected by hacker attacks in 2016, and the trend shows no signs of abating. Experts offer forecasts for breach trends in the year ahead.
Far too many healthcare organizations and their business associates are still neglecting to address some data security basics, says privacy and security expert Rebecca Herold, who recommends they resolve to take three critical steps in the new year.
As the Trump administration begins, expect a ramp-up in cyber espionage as well as more "test attacks" by nation-states, says cybersecurity specialist Brad Medairy of the consultancy Booz Allen Hamilton.