Ransomware is the largest underground cybercriminal business. And like any business, entrepreneurs continue to find new ways to innovate. A Russian hacker has cobbled together a low-end ransomware kit costing just $175, aimed at anyone who seeks a file-encrypting payday.
Enterprise security leaders largely understand the business problems posed by a lack of privileged access management. But understanding and overcoming the obstacles to deploying a successful PAM rollout? That's the real challenge, says Alex Mosher of CA Technologies.
Luxury clothing retailer Neiman Marcus has disclosed that a December 2015 breach compromised more sensitive information than first thought. It also disclosed a fresh attack in January that exposed names, contact information, email addresses and purchase histories.
Businesses that fail to block former employees' server access or spot any other unauthorized access are asking for trouble. While the vast majority of ex-employees will behave scrupulously, why leave such matters to chance?
Bryce Austin, a former technology lead at Target during the retailer's massive November 2013 breach, says the role of the CISO needs to evolve, ensuring that cybersecurity is balanced with the overall needs of the company. He claims tying the CISO's performance to the company's revenue is the best way to do that.
New documents dumped online by the Shadow Brokers group have revealed apparent NSA programs designed to target SWIFT service bureaus in the Middle East as well as a slew of exploits designed to infect Windows systems, patched last month by Microsoft.
What should healthcare entities and business associates expect when faced with a data breach investigation or compliance audit by federal regulators? Attorney Marti Arvin discusses the do's and don'ts.
Good news for Microsoft Windows users: The Equation Group exploit tools dumped this month by Shadow Brokers don't work against currently supported versions of Windows, largely thanks to patches Microsoft released in March. But who tipped off Microsoft?
Cyberattackers love not having to reinvent the wheel. At least, that's the tactic favored by the Callisto group, an "advanced threat actor" that's been using leaked Hacking Team spyware to infect targets, says security firm F-Secure.
Too many businesses assume that the internet will be around forever, but that's faulty thinking and an impractical business practice, says Information Security Forum's Steve Durbin, a featured speaker at Information Security Media Group's Fraud and Breach Prevention Summit in Atlanta this month.
The recent fix for a zero-day flaw in Microsoft Office appeared more than five months after Microsoft was privately alerted to the flaw, and followed months of it being exploited via in-the-wild attacks. Can Microsoft do better?
It has been roughly two years now since the advent of the Retail Cyber Intelligence Sharing Center. How has information sharing improved cyber defenses? And how have criminals upped their game? Brian Engle of R-CISC shares insight.
Many media outlets have suggested that the recent arrest of a Russian computer programmer ties to the 2016 U.S. presidential election meddling blamed on Russia. But the only source for this supposed connection traces to a Russian propaganda arm that's been blamed for participating in said meddling.