Bitcoin-seeking phishing attacks have been trying to socially engineer would-be cryptocurrency exchange executives, warn researchers at Secureworks. The attacks use Word documents with malicious macros and control code previously seen in attacks launched by the Lazarus Group, which has been tied to North Korea.
Legislation pending in Congress that would offer protections for companies and individuals who seek to "hack back" in retaliation against cybercriminals who have attacked them is a bad idea, contends Alan Brill of Kroll.
With just a few months left until the EU's General Data Protection Regulation will be enforced, too many so-called "experts" are spreading fear and falsehoods about the regulation, says Brian Honan, a Dublin-based cybersecurity consultant, who clarifies misperceptions in an in-depth interview.
The latest ISMG Security Report leads with a report on a malware attack on an industrial safety system that experts contend could threaten public safety. Also, legislation giving DHS's cybersecurity unit a meaningful name progresses through Congress.
What does the title National Protection and Programs Directorate mean to you? It's not so clear, unless you are familiar with the Department of Homeland Security's organizational chart. To clarify its mission, the House has voted to rename - and revamp - the DHS agency.
Most of the criminal activity targeting today's enterprises originates at the endpoint, and the majority of modern breaches use known threats or vulnerabilities for which a patch already exists. For this reason, endpoint visibility must be complete and continuous.
The adoption of "unconventional" security controls that are risk-driven can help organizations adapt to the changing cyber threat landscape, says Jim Routh, CISO at health insurer Aetna.
U.S. healthcare entities need to keep security top of mind if they use offshore services to handle protected health information, security experts say, pointing to specific steps to take.
Cybercriminals continue to rely on individuals who undertake the risky operation of moving illicit proceeds from one location to another. But these "money mules" face a multitude of risks, including imprisonment, police warn.
Bitcoin: Is it the future of cash, a legitimate speculative instrument or a Ponzi scheme in easy-to-consume digital form? Despite the outstanding questions, investors and cybercriminals alike continue to amass cryptocurrencies. Both groups face perils.
Artificial intelligence can help improve network health by building a "pattern of life" for every device, user and network, says Justin Fier of Darktrace, who explains how to improve network visibility.
The latest ISMG Security Report features a special report on securing medical devices. Healthcare security leaders from the FDA, an academic medical center and a medical device manufacturer share their insights on the challenges involved.
Ethiopian dissidents living overseas had their devices infected with spyware made by an Israeli defense company, Canadian researchers allege. Their findings have revived longstanding concerns over some governments' potential abuse of powerful surveillance tools.
The HITRUST Cyber Threat Xchange played a role in making U.S. healthcare organizations aware of the worldwide WannaCry ransomware campaign early enough to help them thwart the threat, says HITRUST's Elie Nasrallah.
Two-factor authentication solutions face two problems: They are not widely adopted, and attackers find them far too easy to crack. What's the answer? New risk-based multifactor solutions, says Jim Wangler of SecureAuth.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.