Bad news: A developer has released the source code for Mirai malware, which is designed to automatically find and hack internet of things devices, turning them into DDoS cannons. The malware has been tied to recent record-smashing DDoS attacks.
Even though the U.K. is preparing to exit the EU, British businesses must prepare to comply with GDPR, the EU's new data privacy law. That's the message from the new U.K. information commissioner, who oversees enforcement of the country's privacy laws.
A new kind of malware for Mac OS X has been linked to Fancy Bear, the Russian group suspected of hacking the DNC and the World Anti-Doping Agency. But the malware only poses a low risk to users, experts say.
The latest ISMG Security Report leads off with a discussion with DataBreachToday Executive Editor Mathew J. Schwartz on why online cybercrime is growing. Also, the status of the U.S. government's cyberthreat information sharing initiative.
Want to build a cybercrime empire predicated on selling stolen payment card data? Here's how carder forum Vendetta Network blends outsourcing, partnerships and best-of-breed tools to maximize profits while minimizing risk.
A new cyberattack trend report from Europol notes that while online criminals continue to refine their capabilities, old and unsophisticated attacks too often still succeed, thanks to poor digital hygiene and a lack of security by design and user awareness.
In the wake of this week's rollout by NACHA, The Electronic Payments Association, of same-day ACH payments in the U.S., fraud departments at originating and receiving banks should be bracing for the new risks posed by faster payments, says NACHA's Jane Larimer, who offers insights on steps to take.
As the U.S. ramps up its migration to EMV chip payments over the next three to five years, fraudsters will shift their attention to mobile wallets, says Al Pascual of Javelin Strategy & Research, who describes why in this video interview.
The more than 11,000 financial institutions that use the SWIFT interbank messaging network must annually prove they comply with its new cybersecurity standards or face being reported to regulators and business partners.
Why are hacked healthcare records so valuable? It's because stolen patient records often end up for sale on the deep web as part of information packages called "fullz" and "identity kits" used by fraudsters to commit a wide variety of crimes, says James Scott of the Institute for Critical Infrastructure Technology.
Hillary Clinton and Donald Trump ventured into new territory for their first presidential debate: cybersecurity. It marked one of the few subjects on which both candidates broadly agreed, although the exchange was marked with sharp jabs and an interesting attribution theory from Trump.
Given the rapid spread of malware and difficulties with detection, what actions should organizations take? In this interview, Chris Novak of Verizon and Stephen Orfei of the PCI Security Standards Council offer insights.
Don't leap to conclusions on the basis of a new report that suggests Yahoo is preparing to warn the world that it was hacked and lost hundreds of millions of users' account credentials. Someone may simply have harvested passwords reused on other sites.
FBI Director James Comey, Facebook CEO Mark Zuckerberg and security expert Mikko Hypponen all advocate covering up your webcam as a cheap and no-brainer defense against everything from unscrupulous competitors to sextortionists.
Three recent criminal cases involving hospital insiders who allegedly committed a variety of fraud, identity theft or egregious privacy violations that victimized patients highlight just how difficult it is to mitigate insider threats.