Sodinokibi/REvil appears to be making millions since it seized the ransomware-as-a-service mantle from GandCrab earlier this year. Security firm McAfee says up to 40 percent of every victim's ransom payment - average: $4,000 - gets remitted to the Sodinokibi actor, with "affiliates" keeping the rest.
Robotic process automation aims to use machine learning to create bots that automate high-volume, repeatable tasks. But as organizations tap RPA, they must ensure they take steps to maintain data security, says Deloitte's Ashish Sharma.
Data breaches involving phishing and related email compromises persist as a top challenge for healthcare providers. So, what are some of the top trends emerging from these incidents?
Enforcing patients' rights under HIPAA to access their health information - including via health apps - is a top policy initiative at the HHS Office for Civil Rights, Director Roger Severino said in a Wednesday presentation. He also said a $2.1 million HIPAA penalty would be announced soon.
Despite a crackdown on some of its members in 2018, the FIN7 gang has returned with new malicious tools, including a revamped dropper and payload, according to analysts at FireEye. The hacking group is known for targeting point-of-sale machines and IT networks at a wide variety of businesses.
Great Rail Journeys is the UK's leading seller of holidays by rail, making it easy for customers to browse and book trips online. But as they were actively expanding their customer base internationally to North America, with the ultimate goal of delivering services globally, they recognized a few technical challenges,...
Cybersecurity vendor Imperva's breach post-mortem should serve as a warning to all those using cloud services: One mistake can turn into a calamity. The company accidently left an AWS API key exposed to the internet; the key was then stolen and used to steal a sensitive customer database.
Significant security events have many techniques in common, says Chris Hallenbeck of Tanium, who describes why security hygiene improvement, especially patch management, is so essential.
The personal data of Mississippi citizens is susceptible to breaches because many state agencies, universities and other organizations are failing to comply with all the mandates of the state's cybersecurity law, according to a report issued by the Office of the State Auditor.
Online attack threats continue to intensify, with criminals preferring ransomware, DDoS attacks and business email compromises, warns Europol, the EU's law enforcement intelligence agency. After numerous successful disruptions by police, criminals have responded by launching increasingly complex attacks.
Federal regulators are proposing a "safe harbor" that would permit hospitals to donate certain cybersecurity software and services to physicians. The move would modify the so-called Stark Law and federal anti-kickback regulations.
The U.S. National Security Agency is the latest intelligence agency to warn that unpatched flaws in three vendors' VPN servers are being actively exploited by nation-state attackers. Security experts say such alerts, which are rare, are a clear sign that serious damage is being caused.
How can IT and security operations work together to mitigate risk while embracing change?
This new study from found that while these two groups are getting better at collaborating, several key roadblocks continue to undermine their success. Ready to understand what those roadblocks are and how to overcome...
Microsoft's Remote Desktop Protocol is one of the most widely used utilities for connecting to remote machines. But it poses risks if organizations don't actively monitor how it's used, says Chris Morales of the security firm Vectra.
The Food and Drug Administration has issued an alert warning healthcare organizations about 11 vulnerabilities dubbed "URGENT/11" involving IPnet, a third-party software component that may introduce risks for certain medical devices and hospital networks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.