A UAE-based activist targeted by a rare and valuable remote exploit for Apple's mobile software has caused concern over the continued sale of powerful spying tools to governments with poor human rights records.
Vendor risk management programs have evolved over time. What began as a spreadsheet or two to track vendors can't hold up to the ever-changing scope, scrutiny and shared risk. Putting more people on the problem quickly becomes a resource drain. What if you could eliminate time wasters associated with vendor risk...
A Fortune 50 Healthcare Company is under constant scrutiny from about the safety and security of their products, data and services. The company relies on more than 5,000 suppliers to conduct operations. Existing vendor assessment and tracking methods and tools could not keep up. They implemented Rsam's Vendor Risk...
Too often when organizations get shaken down by online criminals, they panic, and in the process make the predicament they're facing even worse, warns digital forensic investigator Ondrej Krehel in this video interview.
FireEye CEO Kevin Mandia has blamed his company's lower-than-expected quarterly revenue on the rise of ransomware and cyber extortion attacks and a decline in APT campaigns. Experts debunk those assertions.
Are You Testing for the Real World?
While seemingly subtle, the difference between emulation and simulation are crucial when it comes to ensuring realistic testing with reliable, repeatable results.
In order to have confidence in your systems, you need to continually test and monitor them with realistic...
Security firm ThreatConnect says Guccifer 2.0, who claims to be the lone hacker of the Democratic National Committee, may have close ties to Russia. But after reviewing related technical evidence, not all security experts agree.
Interbank messaging service SWIFT will begin collecting and sharing anonymized attack information and offering incident-response services - backed by Fox-IT and BAE Systems - to help hacked banks. But will financial institutions buy in?
When an organization suffers a data breach, how can it quantify the total of all the associated costs? The scope of costs goes way beyond a fixed dollar value per stolen record and extends to include legal fees, third-party forensic services, loss of reputation and defense improvement, as well as state and federal...
A report that the Russian government hacked into Democratic National Committee systems has security experts warning that just because malware was found on a hacked network, that doesn't mean a specific individual, group or nation-state was involved.
Days after booting hackers from its network, the Democratic National Committee allowed incident-response firm Crowdstrike to publicly detail its findings. That's a rare - albeit welcome - move for other potential targets.
With hack attacks continuing against banks, SWIFT must follow in the footsteps of other vendors - notably Microsoft - and begin offering detailed, prescriptive security guidance to its users, says Doug Gourlay of Skyport Systems.
Ransomware, regulations, botnets, information sharing and policing strategies were just some of the topics that dominated the "International Conference on Big Data in Cyber Security" hosted by Edinburgh Napier University in Scotland.
Vietnam's TPBank says it successfully foiled more than $1 million in fraudulent transfer requests apparently initiated by the same hackers who targeted Bangladesh Bank and other SWIFT-using institutions with PDF reader malware.
The theft of $81 million from Bangladesh Bank was "part of a wider and highly adaptive campaign targeting banks," SWIFT warns its 11,000 customers. Investigators say signs point to the same attackers having hacked Sony Pictures Entertainment in 2014.