Google's latest security feature enables the use of Android phones as a security key, eliminating the need for a separate token or hardware device. The free feature is potentially more appealing that Google's Titan security keys, which cost $50.
A new type of malware, dubbed TajMahal, offers its users a host of espionage techniques, including the ability to steal documents sent to a printer queue and pilfer data from a CD, Kaspersky Lab reports. But researchers have only identified one victim so far.
Browser-based cryptocurrency miners are falling out of favor as virtual currency prices remain low, IBM says. But the company says malware-based miners are coming back, including fileless ones that rely on Powershell. Here's the lowdown.
After months of review, a Georgia-based healthcare system has determined that a cyberattack last year exposed the protected health information of more than 278,000 individuals. Meanwhile, federal regulators have issued an alert about advanced persistent threats.
Ex-black hat Alissa Knight recently joined Aite Group's new cybersecurity practice, and among her first tasks: a hard look at the security of major financial institutions' mobile banking apps. The results may surprise you.
Several industry groups have offered suggestions - ranging from better cyber information sharing to new regulatory "safe harbors" for entities complying with best practices - in response to Sen. Mark Warner's recent request seeking ideas for improving healthcare sector cybersecurity.
An "Asian female" has been arrested for attempting to access President Donald Trump's Mar-a-Lago club while he was staying there, claiming she wanted to use the pool. Prosecutors say the apparent Chinese national was carrying a USB thumb drive containing "malicious software" - and had no swimsuit.
Legislation introduced last week would give the U.S. Senate's sergeant at arms responsibility to help secure the personal devices and online accounts used by senators and their staff to help ward off cyberattacks and other threats.
When a company plans to make an acquisition, it should conduct a "compromise assessment" to assess whether the organization being purchased has had an undiscovered breach, says Steve Ledzian, CTO for Asia Pacific at FireEye.
The advent of IoT devices and IT/operational technology integration have dramatically expanded the attack surface. And as a result, the definition of threat intelligence is changing, says Vishak Raman of Cisco.
Multi-stage attacks use diverse and distributed methods to circumvent existing defenses and evade detection - spanning endpoints, networks, email and other vectors in an attempt to land and expand. Meanwhile, individual tools including DLP, EDR, CASBs, email security and advanced threat protection are only designed to...
The ISMG Security Report features Chris Painter, commissioner of the Global Commission on the Stability of Cyberspace, discussing cybersecurity policy for the 2020 U.S. elections. Plus, an update on the cost of the Norsk Hydro ransomware attack and the challenges of controlling real-time payments fraud.
Buyer beware: A new study shows used USBs offered for sale on eBay and elsewhere may contain a wealth of personal information that could potentially be used for identity theft, phishing attacks and other cybercrimes.