A hacker exploited an unpatched, 12-month-old flaw in a small Australian defense contractor's IT help desk and stole data for the country's F-35 Joint Strike Fighter program, among other secrets, the Australian government has warned.
As the security of medical devices becomes a growing concern, hospitals need to implement appropriate controls and apply machine intelligence to detect threats, says Venkataraman Subramanian, information security officer at Columbia Asia Hospitals.
North Korea's leaders apparently blew a gasket over "The Interview," a comedy film that centered on an assassination plot against North Korea's leader. So how might the country have reacted to U.S.-South Korean "decapitation strike" plans reportedly stole last year by Pyongyang-affiliated hackers?
Credit-reporting agency Equifax now says records exposed in the massive data breach it revealed last month included information relating to 15.2 million U.K. residents - a much higher figure than the business first suggested.
It is said that "Data is the new oil." If that's the case, then organizations need to do a far better job inventorying and securing their wells, says Laurence Pitt of Juniper Networks. He offers insights on leveraging and securing data.
The Dark Overlord, a hacking group that hijacks data from businesses and holds it for ransom, is now threatening school districts. The apparent intent isn't to get ransoms from schools per se, but to create a fear campaign designed to scare big businesses into paying the group's ransoms.
An analysis on finding a replacement for Social Security numbers as an identifier for individuals leads the latest edition of the ISMG Security Report. Also, assessing Kaspersky Lab's responsibility for the hack of an NSA contractor's computer.
New York state's Department of Financial Services is enforcing minimum cybersecurity standards by which all banks and other financial services firms that it regulates must abide. Think of the new regulation "as a playbook or a guidepost," says cybersecurity attorney Paul Ferrillo.
Researchers claim to have discovered information from 6,000 Indian enterprises, including governmental units, for sale on the dark net. But while the National Internet Exchange of India, the apparent source of the information, is attempting to downplay the incident, others are demanding a clear explanation.
Malware-wielding attackers reportedly hacked into a Taiwanese bank last week and transferred nearly $60 million via fraudulent SWIFT money-moving messages to accounts in Cambodia, Sri Lanka and the United States. Authorities say most of the stolen funds have been recovered.
The commenting platform Disqus is resetting passwords after discovering that its database was breached in 2012. The breach is one of several older breaches that have only now come to light, thanks to the stolen data having surfaced. But how many older breaches have yet to be discovered?
Criminals in Mexico have added endoscopes to their ATM-attack toolkits, warns cash-machine manufacturer NCR. Pairing endoscopes with "black box" attacks can enable criminals to defeat sensors and instruct an ATM to dispense all of its cash.
If an NSA analyst took malware home and it was stolen from his home PC by a foreign intelligence agency, who are you going to blame? As the U.S. government's campaign against Kaspersky Lab intensifies, here are 10 facts, clarifications and likelihoods to keep in mind.
Hackers working for Russia gained access to the home computer of an NSA employee in 2015, pilfering highly classified material and spying code. U.S. officials claim Kaspersky Lab's software helped the hackers, but numerous questions remain unanswered. We round up the issues in play.
Leading the latest edition of the ISMG Security Report: A deep dive into how continuously monitoring user behavior could replace passwords as a means of authentication. Also, U.S. federal agencies continue to fall short on IT security.