A report claims British intelligence agency GCHQ knew in advance that the FBI planned to arrest WannaCry "hero" Marcus Hutchins when he visited the United States for the annual Black Hat and Def Con conferences last month. The information security community asks: Is that justice?
At ISMG's recent New York Fraud & Breach Prevention Summit, attendees interacted with technology solution providers and other thought leaders, gaining practical insights on solving real-world problems.
The latest edition of the ISMG Security Report leads with a closer look at a new exploit kit and whether it represents a resurgence in these types of criminal packages. Also featured: a discussion of new vehicle security concerns and communications advice for CISOs.
Locky is back. After falling off the radar last year, the ransomware is once again being distributed via massive spam campaigns - run by the Necurs botnet - in the form of two new variants named Diablo and Lukitus.
The recent online leak of an episode of HBO's Game of Thrones, which has been linked to four insiders at a company that handles data for Star India, has put the spotlight on strategies for mitigating insider threats.
Danish shipping giant Maersk faces losses of $200 million to $300 million as a result of the NotPetya global malware outbreak. Others, including FedEx and household goods manufacturer Reckitt Benckiser, are also beginning to estimate NotPetya's financial impact on their business.
For just $80 per day, would-be cybercrime entrepreneurs can subscribe to Disdain, a new exploit kit that targets now-patched flaws in browsers and plug-ins, including Flash and WebEx. Disdain's debut shows that while exploit kits may have declined, they haven't died out.
The British security researcher credited with stopping the WannaCry ransomware outbreak pleaded not guilty Monday to charges that he developed and sold a type of malicious software that steals online banking credentials.
In this latest edition of the ISMG Security Report we learn more about certain Siemens medical devices containing vulnerabilities that could allow hackers to remotely execute arbitrary code. Also: a report on Kaspersky Lab dropping its complaint against Microsoft and part 2 of an election security interview.
Healthcare organizations can learn important lessons - including the need for granular data access control - from the costly proposed settlement of the breach lawsuit against health insurer Anthem, says Bill Fox, a former federal prosecutor.
Kaspersky Lab says it will withdraw antitrust complaints it filed against Microsoft over how Windows handles third-party security products, defusing a yearlong dispute. Microsoft says it will work closer with security companies to ensure compatibility with Windows.
Security vendors are known to sprinkle hyperbole among their claims. But the strategy has backfired for DirectDefense, which mistakenly cast endpoint protection vendor Carbon Black as a contributor to the "world's largest pay-for-play data exfiltration botnet."
The Department of Homeland Security has issued an alert warning about cyber vulnerabilities in certain Siemens medical imaging products running Windows 7 that could allow hackers to "remotely execute arbitrary code." How serious are the risks?
The latest edition of the ISMG Security Report leads with a report on the charges brought against Marcus Hutchins, the "accidental hero" who stoped the WannaCry malware outbreak. Also featured: reports on advances in attribution and new legislation to secure vulnerable medical devices.