A bitter battle flares up in the fiercely competitive endpoint protection products market, and uncovering the real impact over Hillary Clinton's email server. These items highlight this edition of the ISMG Security Report.
Deception technology could be a game-changer, with many thought leaders and organizations already getting behind the concept of "assume compromise." Smokescreen founder Sahir Hidayatullah speaks about the rise of this emerging technology.
Missing from the analysis and debate regarding the U.S. government's decision not to prosecute presumptive Democratic Party presidential candidate Hillary Clinton for using a private email server while secretary of state is this simple fact: Secure IT systems aren't tailored to function the way people behave.
Security vendors are issuing warnings about two new types of dangerous Mac malware - Eleanor and Keydnap - which serve as a reminder that it's not just Windows users coming under fire from malicious software developers and tricksters.
Forget the 2015 mega-breach, an ongoing FTC probe or multiple class-action lawsuits: A new leadership team wants to reboot infidelity-focused online dating website Ashley Madison, promising that this time they'll get security and privacy right.
More than half of all Android smartphones have a flaw that can be exploited to bypass the devices' full-disk encryption. As a result, law enforcement agencies - or attackers - could access all supposedly encrypted data being stored on vulnerable devices.
Endpoint protection vendors compete fiercely for customers, and allegations of impropriety are common among rivals. The latest battle pits Sophos against Cylance. Whose version of the story is the truth?
Members of Congress have sent a letter to federal regulators saying that because ransomware attacks are "different" from other breaches in the healthcare sector, there's a need for new recommendations in upcoming government guidance.
More than 200,000 internet-connected systems remain vulnerable to the OpenSSL vulnerability known as Heartbleed, more than two years after the flaw was publicly announced and related patches released, warns security researcher Billy Rios.
Ukraine's central bank has confirmed that one of the country's banks fell victim to a fraudulent SWIFT heist in April. This latest such attack revelation should spur all SWIFT-using banks to assume they've been hacked, until proven otherwise.
While malware may be used for an initial attack, hackers quickly begin using tools to move around networks that often don't raise suspicion. Here's what to look out for to detect a "low and slow" attack.
The Dark Overlord selling stolen healthcare databases for bitcoins leads the ISMG Security Report. Also hear about banks' move toward real-time transaction fraud controls and a bipartisan attempt in Congress to tackle the ongoing crypto and "going dark" debates.
In the wake of recent SWIFT-related interbank payment heists, more banks are monitoring transactions for anomalous behavior in an attempt to catch fraud in real time, says Andrew Davies, a fraud prevention expert at core banking services provider Fiserv.
Would access to better information pertaining to encryption help Congress pass good crypto-related laws? That's the impetus behind a "Digital Security Commission" and a related report being hawked by some lawmakers.