---

Healthcare Ransomware Damage Passes $157M Since 2016

Researchers found the total cost far exceeded the amount of ransom paid to attackers.

---

Microsoft Addresses Active Attacks, Air-Gap Danger with 99 Patches

There are 12 critical and five previously disclosed bugs in the February 2020 Patch Tuesday Update.

---

FBI: BEC scams accounted for half of the cyber-crime losses in 2019

Average loss per BEC scam amounted to nearly $75,000, per complaint, on average.

---

Microsoft Patches Exploited Internet Explorer Flaw

This month's Patch Tuesday brings fixes for 99 CVEs, including one IE flaw seen exploited in the wild.

---

Intel Patches High-Severity Flaw in Security Engine

The high-severity vulnerability could enable denial of service, privilege escalation and information disclosure.

---

Microsoft's February 2020 Patch Tuesday fixes 99 security bugs

This is one of Microsoft's biggest Patch Tuesday known to date.

---

Why Ransomware Will Soon Target the Cloud

As businesses' daily operations become more dependent on cloud services, ransomware authors will follow to maximize profits. The good news: Many of the best practices for physical servers also apply to the cloud.

---

Estée Lauder Exposes 440M Records, with Email Addresses, Network Info

Middleware data was exposed, which can create a secondary path for malware through which applications and data can be compromised.

---

Jenkins servers can be abused for DDoS attacks

DDoS attacks can reach an amplification factor of 100, but servers will crash very quickly.

---

Cybercriminals Swap Phishing for Credential Abuse, Vuln Exploits

Infection vectors were evenly divided among phishing, vulnerability exploitation, and unauthorized credential use in 2019.

---

Macs See More Adware, Unwanted Apps Than PCs

The latest data from Malwarebytes show the average Mac sees almost twice as many bad apps as Windows systems, but actual malware continues to be scarce.

---

What Are Some Basic Ways to Protect My Global Supply Chain?

Assessing supply chains is one of the more challenging third-party risk management endeavors organizations can take on.

---

What Are Some Foundational Ways to Protect My Global Supply Chain?

Assessing supply chains is one of the more challenging third-party risk management endeavors organizations can take on.

---

Adobe Addresses Critical Flash, Framemaker Flaws

Overall, Adobe patched flaws tied to 42 CVEs as part of its regularly scheduled updates.

---

CIA's Secret Ownership of Crypto AG Enabled Extensive Espionage

Crypto AG made millions selling encryption devices to more than 120 countries, which unknowingly transmitted intel back to the CIA.

---

Keeping a Strong Security Metrics Framework Strong

Don't just report metrics -- analyze, understand, monitor, and adjust them. These 10 tips will show you how.

---

Emotet trojan evolves to spread via WiFi connections

Security firm discovers what appears to be one of Emotet's most dangerous modules.

---

Enterprise companies struggle to control security certificates, cryptographic keys

Certificate authority misuse, MiTM attacks, and problems with cryptographic key handling are now of serious concern to enterprise firms.

---

KBOT virus takes out system files with no hope of recovery

In a blast from the past, KBOT has been deemed the first “living” virus detected in recent years.

---

Dell Patches SupportAssist Flaw That Allows Arbitrary Code Execution

The uncontrolled search path vulnerability allows a local user to use DLLs to escalate privileges and affects Windows PCs.