Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, discusses best practices for securing healthcare data against the modern threat landscape. [...]

In this Threatpost podcast, Fortinet’s top researcher sketches out the ransom landscape, with takeaways from the DarkSide attack on Colonial Pipeline. [...]

FinTech fraud spikes 159 percent in Q1 2021 along with stimulus spending. [...]

Responsible nations don't harbor cybercrooks, the Biden administration admonished Russia, home to the gang that reportedly froze the global food distributor's systems. [...]

On June 8, Amazon’s pulling all its devices into a device-to-device wireless mix, inspiring FUD along the way. Now's the time to opt out if you're be-FUDdled. [...]

Mobile ad fraud has always been a challenge for network operators in all parts of the globe, but the pandemic has made users more vulnerable than ever before due to the sheer amount of time they now spend with their devices. [...]

The bug in HPE SIM makes it easy as pie for attackers to remotely trigger code, no user interaction necessary. [...]

Microsoft uncovered the SolarWinds crooks using mass-mail service Constant Contact and posing as a U.S.-based development organization to deliver malicious URLs to more than 150 organizations. [...]

Justin Jett, director of audit and compliance for Plixer, discusses the elements of a successful advanced security posture. [...]

Malicious ad campaign was able to rank higher in searches than legitimate AnyDesk ads. [...]

David Wolpoff, CTO at Randori, argues that the call for rapid cloud transition Is a dangerous proposition: "Mistakes will be made, creating opportunities for our adversaries. [...]

The website for “BravoMovies” features fake movie posters and a FAQ with a rigged Excel spreadsheet for “cancelling” the service, but all it downloads is malware. [...]

Threat hunters weigh in on how the business of ransomware, the complex relationships between cybercriminals, and how they work together and hawk their wares on the Dark Web. [...]

The security vendor's network management and threat protection station can open the door to code execution, DoS and potential PC takeovers. [...]

Dale Ludwig, business development manager at Cherry Americas, discusses advances in hardware-based security that can enhance modern cyber-defenses. [...]

One of the workaround XML files automatically deactivates protection from an earlier workaround: a potential path to older vulnerabilities being opened again. [...]

British regulators ruled that Amex sent 4 million nuisance emails to opted-out customers. [...]

A shadow court system for hackers shows how professional ransomware gangs have become. [...]

Sivan Tehila, cybersecurity strategist at Perimeter 81, discusses the elements involved in creating a modern SIEM strategy for remote work and cloud-everything. [...]

The plugin, installed on hundreds of thousands of sites, allows anyone to filch database info without having to be logged in. [...]

Microsoft Security discovered malicious PDFs that download Java-based StrRAT, which can steal credentials and change file names but doesn't actually encrypt. [...]

Enterprises are embracing on-demand freelance help – but the practice, while growing, opens up entirely new avenues of cyber-risk. [...]

The time that attackers stay hidden inside an organization’s networks is shifting, putting pressure on defenders and upping the need to detect and respond to threats in real-time. [...]

Attackers sent 52M malicious messages leveraging the likes of Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase storage in Q1 2021. [...]

The newly discovered malware infects IoT devices in tandem with the prolific Gafgyt botnet, using known security vulnerabilities. [...]