A British man who was initially arrested on suspicion of hacking English socialite Pippa Middleton's iCloud account has been sentenced to serve a three-year prison sentence after he pleaded guilty to unrelated fraud and blackmail crimes. But he may also have ties to The Dark Overlord extortion gang.
A veteran security researcher has become entangled in a conflict with Chinese drone manufacturer DJI over his security vulnerability report, which initially qualified for the manufacturer's bug bounty program. The researcher says communications broke down after he refused to sign a legal agreement.
The European Union's recently passed Global Data Protection Regulation or GDPR is something that all boards should be paying attention to. This regulation can affect any business, big or small, that houses data on EU customers and the board of directors is inherently responsible for making sure that data is being...
Kaspersky Lab says it "inadvertently" scooped up classified U.S. documents and code from an NSA analyst's home computer, but suggests it wasn't the conduit by which the material ended up in Russian hands. It claims that the computer was riddled with malware.
Dozens of lively discussions sprung up among the healthcare CISOs, legal experts and leaders from government agencies and technology vendors at Information Security Media Group's Healthcare Security Summit in New York. So what are some of the key takeaways?
A recently published 2017 survey of over 400 security professionals in the U.S., U.K. and Germany measured how well their organizations implemented security controls for SSH keys. The results show that most organizations are underprepared to protect against SSH-based attacks, with fewer than half following industry...
Take control of your SSH keys to minimize your risk of intrusion
SSH keys provide the highest level of access rights and privileges for servers, applications and virtual instances. Cyber criminals want this trusted status and invest considerable resources into acquiring and using SSH keys in their attacks.
SSH is used for secure administrative access, but what happens if it's not secure? Despite the sweeping access SSH keys grant, including root access, most are not as tightly controlled as their level of privilege requires.
If your organization doesn't know which administrators or SSH keys have access to which...
Businesses need to find more ways of incentivizing good researchers to find flaws in technology before bad actors discover them, says Rafael Narezzi, CIO of financial services firm TS Lombard. For every bug hunter with good intentions, how many more are developing weaponized exploits for sale on darknet markets?
A security service from McAfee designed to scan and block malicious links sent via email appears to have given a free pass to "Emotet" banking malware, a researcher warned. But McAfee contends that its ClickProtect service worked as intended.
Clearly, adherence to HIPPA, NIST and other regulators in healthcare is paramount, but that does not mean that your organization isn't vulnerable to cybercrime hacking. When the average breach is worth $3.62 million with $380 per patient record compromised (as per Ponemon's 2017 Cost of
a Data Breach Report), the...
Since last year, North Korean hackers have been targeting businesses in the financial services, aerospace and telecommunications sectors by exploiting a remote administration tool, or RAT, according to an alert issued Tuesday by the United States Computer Emergency Response Team.
In the year ahead, cyber threats to the healthcare sector will continue to evolve from attacks primarily involving the theft of health data to assaults aimed at disrupting organizations' operations, predicts Sean Murphy, CISO of health insurer Premera Blue Cross.
With the aim of protecting data privacy, the government of Singapore is considering taking steps to greatly reduce the use of the National Registration Identity Card numbers for verifying consumers' identities.