Where are security practitioners in their zero trust journeys, and what approach to zero trust have they taken? Three experts - Netskope's David Fairman, Exceture's Mario Demarillas, and Petronas' Soumo Mukherjee - share their thoughts in a panel discussion.
New York State Attorney General Leticia James detailed a credential stuffing investigation that showed the compromise of 1.1 million user accounts linked to "well-known" retail operations. The 17 companies involved reportedly agreed to put new measures in place to mitigate cyber risks.
Morgan Stanley agreed to a $60 million settlement to resolve a class action lawsuit claiming the banking giant violated security compliance laws and provided negligent oversight when a third party did not properly decommission legacy IT systems in 2016 and 2019.
Two years into the pandemic, pharmaceutical firms remain a top target for cybercriminals, and that trend will undoubtedly persist in 2022, says Paul Prudhomme, a former Department of Defense threat analyst who is now a researcher with cybersecurity threat intelligence firm IntSights.
Synthetic ID fraud has grown in popularity, with U.S. companies reporting losses of $20 billion in 2021 compared to $6 billion in 2016. Cybersecurity experts discuss with ISMG why this type of fraud has gained traction, how fraudsters use it, mitigation steps, and what we can expect in 2022.
A medical biller in Florida and an emergency medical technician in New York have each pleaded guilty in two separate federal cases involving the criminal misuse of patient information. One case involved healthcare fraud and identity theft, and the other criminal HIPAA violations.
Advanced voice impersonation and deepfake technologies are giving rise to cybercrime groups that offer Vishing-as-a-Service, security researchers say. Vishing is proving to be successful in tricking victims and bypassing voice authorization mechanisms.
A recent hack of a Utah medical radiology group's network server has compromised sensitive health information of more than a half-million individuals, ranking the incident among the 20 largest health data breaches posted on the federal tally so far this year. What are the risks to patients?
A federal judge has imposed the maximum sentences - a total of seven years in prison - on a hacker who earlier pleaded guilty in a conspiracy case involving the hacking of University of Pittsburgh Medical Center human resources databases and the theft of personal information of 65,000 employees - some which was sold...
The number of breach reports filed by U.S. organizations looks set to break records, as breaches tied to phishing, ransomware and supply chain attacks keep surging, the Identity Theft Resource Center warns. It says that there's also been a rise in tardy breach notifications containing little detail.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why enterprises need a multilayered approach to securing identity, how fraud will evolve in 2022 and the need to secure backdoors to prevent ransomware attacks.
Despite the popular perception of identity theft as a major cause of fraud, it accounts for only 20% of auto loan fraud risk while income and employment misrepresentation account for 60% of loan losses, says Justin Davis, fraud consultant at Point Predictive. He discusses tools that can catch this type of fraud.
Microsoft has officially gone fully passwordless, allowing Windows users to replace their alphanumeric passwords with one of several substitute sign-in technologies to gain entry into a Microsoft product - a move received positively by industry insiders.