The business of crimeware is evolving - and so are the exploits that take advantage of unprotected systems. How do security leaders focus on managing their most critical vulnerabilities? Gidi Cohen, CEO of Skybox Security, shares insights.
Health insurer Anthem has agreed to a proposed $115 million deal to settle a class action lawsuit over a 2015 cyberattack that resulted in data breach affecting nearly 78.9 million individuals. If approved, lawyers say it would be the largest data breach settlement ever.
Publicis Groupe CISO Thom Langford discusses how best to measure your organization's true risk appetite and the business value of blending storytelling techniques into your security awareness programs.
The Mirai botnet is just the most high-profile example of the new weaponization of DDoS. Attacks are stronger than ever, and multilayer defenses are needed to prevent disruption and distraction, says Darren Anstee of Arbor Networks.
From nation-states to organized crime and malicious insiders, organizations are under siege from a variety of adversaries and threats. But how do they focus on the ones that matter most? James Lyne of Sophos offers insight.
The FBI says reported losses due to internet crime last year totaled $1.3 billion, based on nearly 300,000 complaints logged with its Internet Complaint Center. It warns that CEO fraud, ransomware, tech-support fraud and extortion are becoming increasingly prevalent.
The long-running data security dispute between cancer testing laboratory LabMD and the Federal Trade Commission is now in the hands of a panel of appellate court judges, who heard oral arguments this week. Experts weigh in on the significance of the case.
Good news: Exploits kits are in decline, thanks to concerted efforts to disrupt their efficacy. Unfortunately, criminals are diversifying their attacks, focusing more on social engineering - including tech-support scams - and malicious spam campaigns.
Hackers can breach air-gapped voting machines and tallying systems in an attempt to alter ballots to sway the outcome of an election, a Senate panel has learned. Also, at the hearing, DHS discloses that Russian hackers targeted 21 state election systems before the 2016 election.
The European Parliament and European Commission are pushing for mandatory end-to-end encrypted communications, and banning backdoors, as part of the EU's rebooted e-privacy regulation. But the move runs counter to anti-crypto rhetoric being spouted by government ministers in Britain and France.
A settlement between the state of New York and a company that provides support services to the healthcare sector serves as a reminder about timely breach notification, including in circumstances when law enforcement agencies are investigating an incident.
One month after the SMB-targeting WannaCry worm outbreak began spreading globally, Honda discovered fresh infections at multiple facilities, and was forced to temporarily idle one plant as a result of the ransomware.
South Korean web hosting firm Nayana has agreed to pay attackers a record-shattering $1 million to unlock 153 Linux servers crypto-locked by ransomware. Security researchers say the infection was likely exacerbated by the company running ancient versions of the Linux kernel, as well as Apache and PHP.
Concerns over Russian hacking of state election systems are mounting. In New York, Gov. Andrew Cuomo has ordered a review of security efforts related to state elections. On Capitol Hill, Sen. Mark Warner wants DHS to release additional details relating to cyberattacks targeting state election systems.