Because cyber threats are becoming increasingly sophisticated, bolstering employee and customer awareness and training about ransomware, phishing and other cyber risks must be a top priority in 2017, says Curt Kwak, CIO of Proliance Surgeons.
With the rise of malware infecting IoT devices, DDoS defenders "have to assume that the attackers have an unlimited supply of machines that they can compromise," says Akamai's Michael Smith. But quarantines, ISP feedback loops and better patch management can bolster defenses.
Unprecedented hack attacks knocked three Ukrainian power providers offline in late 2015, and now a potential repeat hack has surfaced. Security experts recommend all power operators globally hunt carefully for related signs of attack.
This edition of the ISMG Security Report features an analysis of recommendations by a U.S. House Encryption Working Group that Congress should not enact legislation that requires technology companies to help law enforcement authorities bypass encryption on the devices they manufacture.
A variant of malware used to infect U.S. Democratic National Committee systems was also used to infect an Android app used by Ukraine's artillery forces, bolstering attribution of both attacks to Russia, says cybersecurity firm Crowdstrike.
A massive botnet run by a Russian cybercrime gang netted more than $3 million a day by generating fake views of online video advertisements, security firm White Ops warns. Cue new concerns over the prevalence of advertising fraud in the wake of fake news worries.
Memo to would-be cybercriminals: Want to move stolen funds internationally to bank accounts that you control? Need to route the funds to a few money mules to get it laundered? Don't do it from a system tied to an IP address registered to your home.
Three Romanian men accused of running a cybercrime ring that used custom-built "Bayrob" malware and money mules to steal at least $4 million from victims have been extradited to face charges in the United States.
A third suspect alleged to be responsible for the 2014 JPMorgan Chase data breach, which affected more than 83 million customers, was arrested Dec. 14 after reportedly voluntarily returning to the U.S. from Russia.
The emergence of contactless chip payments on mobile phones is changing the way transactions are authenticated and secured, Jeremy King of the PCI Security Standards Council explains in this audio interview.
Ransomware attacks, which initially targeted Windows computers and then spread to Android mobile devices, are now targeting Linux servers as well, says Bob Lynch of Bitdefender, who describes a risk mitigation strategy in this video interview.
Hack attack victims often ask two questions: "Who did it? And can we hack them back?" But after an attack, with time of the essence for blocking further damage, those are the wrong questions for breached organizations to be asking, data breach response expert Alan Brill says in this audio interview.
How much time and effort will consumers put into protecting themselves from identity theft and financial fraud? That was the question posed by Aite Group's Julie Conroy in researching the new Global Security Engagement Scorecard. And the answer might just surprise you.
Leading the latest edition of the ISMG Security Report: an analysis of the impact on healthcare information security and privacy of the 21st Century Cares Act, which President Obama signed into law Dec. 13. Also, a report on the spread of malvertising and an update on the Bangladesh Bank cyber heist.
Hackers are increasingly taking advantage of new technologies, including analytics and artificial intelligence, to launch more sophisticated attacks and commit cybercrimes, Bill Fox, a former federal prosecutor, explains in this interview.