Forget attributions of the German parliament malware outbreak to Russia, or Chancellor Angela Merkel's office being "ground zero." The real takeaway is the Bundestag's apparent lack of effective defenses or a breach-response plan.
Symantec has issued new warnings about a malware strain known as Poweliks, noting that this Trojan is being used in conjunction with ransomware. But security experts disagree over the severity of the threat.
At ISMG's Healthcare Information Security Summit, a CIO and two CISOs offered insights on winning CEO support for information security spending as well as building a culture of security. Find out what they had to say.
An international police effort dubbed "Operation Triangle" has resulted in the arrest of 49 suspected members of a cybercrime group accused of launching phishing attacks to steal at least $6.7 million.
How does an advanced threat adversary operate for 10 years, undetected? FireEye APAC CTO Bryce Boland shares details of the decade-long APT30 campaign that targeted organizations in India and Southeast Asia.
This year's Infosecurity Europe conference in London is offering a top-notch range of sessions, ranging from how to battle cybercrime and social engineering to building a better security culture and workforce. Here's my list of must-see sessions.
Wanted: Hackers for hire. Or in British government parlance: "Committed and responsible individuals who have the potential to carry out computer network operations to keep the U.K. safe." Ready to apply?
Partners HealthCare System is the latest healthcare organizations to suffer a data breach following a phishing attack. But why did Partners wait five months to issue a breach notification, when HIPAA requires notifications within 60 days?
Partners HealthCare System announced that it is the latest healthcare organization hit by a data breach attributed to a phishing attack. The records of an estimated 3,300 individuals may have been compromised in the incident.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
A federal banking regulatory agency has issued a warning about a new phishing campaign that aims to con consumers into disclosing personal and financial details by feigning to be a request from the regulator.