As an assistant U.S. attorney in northern Georgia, Nathan Kitchens has seen scores of cybercrime cases - especially ransomware attacks and business email compromises. And he has two words of advice to potential victims: Be prepared.
Organizations have more endpoints today than ever, and securing those endpoints is challenging, because it's rare that any one organization is responsible for all the endpoints that touch its network and servers, says Mike Spanbauer, vice president of research and strategy at NSS Labs.
As attorney general of the state of Georgia, Christopher Carr sees the rise of cybercrime. But he also sees the growth of the cybersecurity industry in response to criminal threats. How does he envision his role in protecting the state?
A recent ransomware attack on electronic health records and practice management software vendor Greenway Health, which affected several hundred physician group practices using its cloud-based applications, is a reminder to all healthcare providers of the risks that vendors can pose.
Warning: Drop everything and patch all the Windows things now. That's the alert being sounded by security researchers in the wake of attackers adopting Equation Group attack tools designed to exploit an SMB flaw and install DoublePulsar backdoor.
When she first joined the Los Angeles County district attorney's office, Maria Ramirez prosecuted street gangs. Now she's cracking down on cyber gangs and is opening her case file to share lessons learned from cases involving business email compromise and ransomware.
When it comes to vulnerability management, many organizations opt to protect only their most critical security gaps - but, meanwhile, the criminals exploit the secondary vulnerabilities. Kevin Flynn of Skybox Security explains why context is everything in managing vulnerabilities.
As hacking incidents appear to spike again on the federal breach tally, a small Kentucky-based physician practice is the latest healthcare entity to report a major breach involving a ransomware attack.
Spanish police arrested Russian computer programmer Pyotr Levashov, apparently while he was vacationing with his family. Authorities say his arrest relates to alleged Kelihos spam botnet and pump-and-dump stock campaigns, not to Russia's alleged interference in the 2016 U.S. presidential election.
A Texas-based pediatric practice is the latest healthcare entity to report a major data breach following a recent ransomware attack, despite the organization's efforts to mitigate the incident quickly.
A scareware campaign has been locking iOS devices with faux ransomware, demanding a payoff via virtual iTunes gift cards, security researchers warn. A fix for the exploited iOS flaw is included in a massive batch of product patches and updates released by Apple.
One of the world's biggest botnets, Necurs, is back. But instead of flinging banking Trojans and ransomware, this time it's spouting spam aimed at influencing the price of cheap stocks, say security researchers from Cisco's Talos group.
Crypt0L0cker ransomware - originally tied to the Gameover Zeus gang - has returned, researchers warn, and in some cases is digitally signed to make it appear legitimate. Other attack campaigns are spreading Cerber and Sage Locker via spam emails sent via short-lived domain names.