If leading intelligence agencies can seemingly hack a wide variety of IT gear, what hope is there for enterprise security? Experts describe how organizations should respond to the recent dump of attack tools from the Equation Group, which is widely believed to be tied to the NSA.
Ransomware gangs increasingly target organizations - including hospitals and banks - that might be able to recover from such attacks, but not in a timely manner, says Verizon's Mark Rasch. Learn how well-honed incident response plans can help.
Too often when organizations get shaken down by online criminals, they panic, and in the process make the predicament they're facing even worse, warns digital forensic investigator Ondrej Krehel in this video interview.
In this video interview, Global Cyber Alliance CEO Phil Reitinger explains how the vastness and complexity of the internet creates cyber vulnerabilities, but one day those same characteristics, if used properly, could mitigate cyber threats.
The Equation Group tools released by the Shadow Brokers have revealed that the U.S. National Security Agency has been able to decrypt any traffic sent using a Cisco PIX device. While Cisco no longer supports the devices, more than 15,000 remain in use.
Eighty percent of the Android ecosystem - an estimated 1.4 billion devices - is vulnerable to an attack affecting TCP. While the flaw has been patched in Linux, Android remains vulnerable, although Google is aware of the issue.
Agari's John Wilson doesn't just fight email fraud schemes - he also is the occasional target. What have the fraudsters inadvertently taught him about their latest tactics? And how can these lessons help organizations to improve their defenses? Find out in this video interview.
USB devices and ports pose serious risks, and they aren't going away anytime soon. But researchers say they've developed a way to block malicious actions by USB devices to help prevent attacks such as "BadUSB."
Police have arrested an employee of U.K.-based accountancy and business software developer Sage Group after a data breach. Meanwhile, a report has emerged that some customers are using its software in an unsecured manner.
Hear ISMG editors untangle the various elements in the Shadow Brokers-Equation Group saga, evaluate a new anti-ransomware tool and reflect on the 10th anniversary of the PCI Security Standards Council in this edition of the ISMG Security Report.
Banks need to develop customer authentication strategies that meet demand for strong security as well as convenience, says Mary Ann Miller of NICE Actimize, who describes emerging multifactor approaches in this video interview.
Cybercriminals wielding Locky crypto-locking ransomware are ramping up their assaults, especially in the healthcare sector, according to FireEye. Attackers are distributing less banking malware and more ransomware, researchers say.
The Equation Group leak revealed a zero-day flaw in Cisco's firewall software - a patch is being prepped - as well as a vulnerability in Fortinet's software that's since been patched. Has the U.S. government long known about the flaws?