The operators of the Necurs botnet continue to target victims with phishing campaigns designed to infect them with banking malware, ransomware and cryptocurrency fever, as well as to generate profits via dating website referrals.
Whether it's insider or third-party vendor access, organizations are realizing they need to do more with their privileged accounts and systems. But traditional approaches often leave organizations with wide gaps in security. Sam Elliott of Bomgar explains what companies need to look for when it comes to access...
Data broker Equifax has released a revised count of U.K. victims of its massive 2017 data breach, now saying 860,000 residents had their personal details exposed. The data broker is offering its own fraud-monitoring services to breach victims, provided they share their personal details.
Technologists are wrangling with an identity puzzle: Is it possible to create a single digital identity that can be seamlessly and securely used at a bank, a hospital or consumer websites? It's the holy grail of identity. But experts say blockchain is likely not the answer right now.
When building a next-generation cybersecurity operations center, or CSOC, organizations must first understand their attack profile and determine the scope of threat monitoring needed, says Jagdeep Singh, CISO at Rakuten India, an e-commerce company.
Leading the latest edition of the ISMG Security Report: Why some organizations with working backups still choose to pay a ransom after suffering a cryptolocking malware attack. Also featured: The U.S. government's push to bolster the private sector's "active defenses."
Jason's Deli is the latest business in the hospitality or retail sector to warn that attackers used malware to steal customers' card details. The restaurant chain says 2 million payment cards were stolen from 164 restaurants during the seven-month breach.
To address growing concerns about Aadhaar, the Unique Identification Authority of India, which administers the ID program, is taking two key steps to add a layer of security. But some observers are already questioning whether the move will prove effective.
Intel says firmware updates it developed to help protect users against the Meltdown and Spectre vulnerabilities have been causing not just older CPUs but also its newest processors - in both client devices and data center servers - to reboot much more frequently than they should.
A recent incident involving an Indiana hospital that publicly admitted to paying a $55,000 ransom to unlock data following a ransomware attack - despite having backup systems - highlights the need to test data recovery plans.
BlackBerry mobile devices have become a rare sight. But drivers of Audi, GM and Mercedes vehicles may be using the company's embedded operating system in their cars, and with a new tool called Jarvis, BlackBerry is also making a play to secure the code used to drive autonomous vehicles.
As a longtime investor in companies offering cybersecurity solutions, Alberto Yépez of Trident Capital Cybersecurity is most concerned by a lack of investment in one key area; replacing aged technologies that are supporting critical infrastructure industries, such as power utilities.
The CIA has attributed last year's outbreak of NotPetya wiper malware to Russia's GRU military intelligence unit, The Washington Post reports. Other intelligence agencies and information security experts have reached similar conclusions, warning that Russia's hybrid warfare campaigns are intensifying.
We are amidst a new "machine identity crisis," says Jeff Hudson, CEO of Venafi. And unless we tackle this growing challenge of how to secure machine-to-machine communication, then enterprise IT and security departments are likely to be overwhelmed.
This edition of the ISMG Security Report takes a look at how ready healthcare organizations are for GDPR compliance. Also featured: comments from Alberto Yepez of Trident Capital on the 2018 outlook for information security companies and a summary of the latest financial fraud trends.