Attackers have been exploiting JBoss application servers to install remote-control web shells as part of a campaign that targets enterprises with network-hopping SamSam (a.k.a. Samas) ransomware, researchers at Cisco Talos warn.
A cybercrime gang has been using new malware to target business customers of banks in the United States and Canada and steal millions of dollars, primarily from business accounts, researchers at the IBM X-Force security group warn.
Even with the exponential increase in what technology can achieve in fighting security threats and fraud, a recent discussion with practitioners suggests that insider risk remains the biggest issue giving practitioners sleepless nights.
Russian authorities have reportedly sentenced Dmitry "Paunch" Fedotov, the developer of the notorious Blackhole exploit kit that's been linked to large amounts of fraud, to seven years in prison - an unusually severe sentence for online crime in that nation.
A federal court's recent rejection of a motion filed by health insurer Anthem Inc. in its attempt to fight a class-action lawsuit in the wake of its massive data breach is important because it upholds the privacy rights of breach victims, says attorney Steven Teppler.
Is it ever acceptable for ransomware victims to pay a ransom to obtain the decryption key required to restore access to their data? Due to poor preparation, many organizations continue to face that question.
Backed by its own logo, Badlock refers to a set of critical Samba vulnerabilities in Windows and most Unix/Linux operating systems, which attackers could exploit to launch man-in-the-middle attacks against corporate networks.
Security experts are once again warning all Flash users to either update or uninstall the browser plug-in software to protect themselves against active exploit kit attacks that are targeting a zero-day Flash flaw to install ransomware.
As the threat of malware infections, especially those involving ransomware, grows, organizations need to balance their perimeter-based security practices with an "intrusion tolerance" strategy that helps ensure a quick recovery, says medical device cybersecurity expert Kevin Fu.
A recent study reveals that India ranks third globally in financial Trojan infections, with more than 60,000 computers getting compromised in 2015 alone. Experts analyze why and recommend best practices to tackle them.
What steps can organizations take to help ensure they're not the next victim of a ransomware attack? Technology expert Craig Musgrave of The Doctors Company, which offers cyber insurance, identifies the top priorities.
As Medstar Health completes its recovery from a recent malware attack that led to a temporary shutdown of most of its systems, other U.S. hospitals continue to struggle with similar attacks, many of them involving ransomware. What risk mitigation steps are most essential?
Revelation of 321 attempts to place ransomware on federal government computers in the second half of last year raises a number of questions about the effectiveness of the Einstein intrusion detection and prevention system as well as how the government responds to such attacks.
Federal regulators have issued new guidance urging healthcare organizations and business associates to bolster their cyberattack defenses. The advice comes after a string of recent high-profile attacks on hospitals.
MedStar is but the latest healthcare entity to fall victim to a ransomware attack. What can organizations do proactively to improve their ransomware defenses and response? PhishMe CEO Rohyt Belani offers insight.