Fool me once, shame on you. Fool me twice, shame on me. That's the situation facing victims of Equifax's massive data breach, who are being offered identity theft or fraud monitoring services from none other than Equifax. First, however, they have to share some personal information.
An in-depth look at the DMARC anti-spoofing system - which the U.S. Department of Homeland Security this past week said it will require federal agencies to adopt - leads the latest edition of the ISMG Security Report. Also, continuous monitoring of the insider threat.
The recent online leak of an episode of HBO's Game of Thrones, which has been linked to four insiders at a company that handles data for Star India, has put the spotlight on strategies for mitigating insider threats.
London-based health insurer Bupa Global is warning international policyholders that a breach affecting 547,000 customers - with data showing up on darknet marketplace AlphaBay for sale - traces to a now-former employee.
As the global threat landscape shifts, so does Kaspersky Lab. Moving from its traditional cybersecurity focus, Kaspersky now is honing in on fraud prevention. Emma Mohan-Satta describes this shift and what it means for security and anti-fraud leaders.
Two researchers who launched a crowdsourced effort to subscribe to the Shadow Brokers' monthly leak of stolen Equation Group exploits - on behalf of the entire information security community - have dropped their effort, citing legal concerns.
Sweden has ended a seven-year rape investigation against WikiLeaks founder Julian Assange. But it's far from the end of the legal troubles for the man whose spilling of secrets has shaped world politics.
Criminals have long aimed to separate people from their possessions. So for anyone who follows ransomware, the WannaCry outbreak won't come as a shock. Nor will longstanding advice for surviving ransomware shakedowns: Prepare, or prepare to pay.
Here are five cyber-related takeaways from FBI Director James Comey's testimony before the Senate Judiciary Committee, including his rationale on notifying Congress of his decision to reopen the probe of Hillary Clinton's use of a private email server and steps the bureau is taking to defend against the insider threat.
When an employee exits, it's essential to ensure their access rights don't go with them. Too often, however, organizations fail to track who's joining, leaving or changing roles, leaving them at increased risk of malicious activity.
Businesses that fail to block former employees' server access or spot any other unauthorized access are asking for trouble. While the vast majority of ex-employees will behave scrupulously, why leave such matters to chance?
The latest edition of the ISMG Security Report leads off with an interview with the co-editor of a new book, Inside Threat, who uses examples from the physical world that can be applied to the virtual world. Also, organizations fall short on offering identity protection services.