A Treasury Department advisory offers a reminder that financial institutions, cyber insurance firms and others that facilitate a ransom payment after a ransomware attack could face federal penalties. But the warning isn't necessarily a sign of a looming enforcement effort, some cybersecurity experts say.
Death via a thousand paper cuts? The U.S. government hasn't been able to arrange a domestic court date for whistleblower Edward Snowden, but via the courts, it's successfully been awarded $5.2 million in his book royalties and revenue from speaking engagements.
The attorneys general of 42 states plus Washington, D.C., have slapped health insurer Anthem with a $39.5 million settlement in the wake of a 2014 cyberattack that affected nearly 79 million individuals. Meanwhile, California's attorney general signed a separate $8.7 million settlement with the insurer.
Yevgeniy Nikulin, a Russian national who was found guilty of hacking LinkedIn and Dropbox and stealing millions of user credentials, has been sentenced to more than seven years in federal prison.
Legislation that establishes minimum security standards for IoT devices procured by the federal government is moving closer to becoming law. A bill has passed the House, and chances are likely better than ever for Senate support following a rewrite of parts of the bill.
A federal judge Sunday granted TikTok's request for a temporary injunction to block the Trump administration's order that would have banned the Chinese social media app from the U.S. The order came hours before the ban was scheduled to go into effect.
The U.S. Government Accountability Office is urging Congress to pass legislation to reestablish a White House cybersecurity coordinator role. The position would coordinate the government's response to online attacks and other cybersecurity challenges facing the nation.
Training employees to resist phishing emails is key to preventing compromises. But an exercise run by Tribune Publishing Co. created a searing backlash after its phishing exercise tempted employees with bogus bonuses in a year in which they had already endured financial hardships.
The U.S. National Institute of Standards and Technology this week released a long-awaited guidance update, Special Publication 800-53 Revision 5, describing "next-generation security and privacy controls" and how to use them.
As the tally of reported heath data breaches related to the May ransomware attack on Blackbaud continues to climb, so do the number of lawsuits filed against the cloud-based fundraising software vendor.
Revisiting remote workforce security defenses, simplifying cloud access controls and pursuing risk-based vulnerability management and passwordless authentication are among the 10 security projects that all organizations should consider for this year and next, according to advisory firm Gartner.
In an in-depth interview, Denyette DePierro of the American Bankers Association provides an overview of emerging regulatory issues, cloud security challenges and the use of social media apps for payments.
Russian criminals operating online who want to stay out of jail need only to follow a few simple rules, the primary one being: Never target Russians. So it's surprising that security researchers have uncovered a new ransomware-wielding gang of Russian speakers that includes Russian victims on its hit list.
A U.K. resident who was a member of The Dark Overlord hacking group pleaded guilty to federal charges Monday and was sentenced to five years in prison, according to the U.S. Justice Department. The group targeted several healthcare organizations and others.
The 2020 Security Effectiveness Report shares our findings from an evaluation of 100+ enterprise production environments globally across every major vertical.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.