At this year's RSA Conference, we have about 35 videos on the docket. And truly we're talking about the A-Z of information security thought leaders, from CrowdStrike co-founder Dmitri Alperovitch to ZixCorp CEO David Wagner, with a stop in the middle to discuss homeland security with U.S. Rep. Michael McCaul.
New Zealand's privacy commissioner is recommending new civil penalties against companies of up to NZ$1 million (US$718,000) for a "serious" data breach in light of sterner penalties adopted by Australia and the European Union.
In this edition of the ISMG Security Report: An evaluation of the challenges law enforcement faces in using lawful hacking and metadata as an alternative way to collect evidence when cracking an encrypted device is not an option. Also, a look at Trump's revised cybersecurity executive order.
Dozens of banks, governments and telecommunications companies have been struck by fileless malware, which resides in memory and leaves few traces for investigators, according to Kaspersky Lab. The use of open-source tools and utilities makes the attacks difficult to detect.
Just like epidemiologists studying disease outbreaks, cybersecurity professionals can benefit from identifying and mitigating certain behaviors, says Dr. Elizabeth Lawler, an epidemiologist who is CEO of Conjur, a data security firm.
Televisions that spy on their users have long been a trope of dystopian fiction, including George Orwell's "1984." But the spying TV appears to be far from fictional, according to a new settlement agreement reached between the FTC and smart-TV maker Vizio.
InterContinental Hotels Group is warning customers that malware infected point-of-sale devices at a dozen of its hotel restaurants and bars in North America and the Caribbean for up to four months in 2016. But it's unclear if the breach ties to reported exploits involving POS service providers.
When Army intelligence specialist Chelsea Manning leaked classified documents to WikiLeaks in 2010, the federal government's security clearance process served as the main defense against malicious insiders. CERT's Randy Trzeciak explains how insider threat defenses have changed since then.
A report on passage by the House of Representatives of a bill aimed at toughening insider threat defenses at the Department of Homeland Security leads the latest edition of the ISMG Security Report. Also, analyzing the use of blockchain technology to secure healthcare data.
A suburban Dallas police department saw eight years' worth of digital evidence, including material for at least one active criminal case, frozen after a ransomware attack, another example of the continuing havoc caused by file-encrypting malware.
Cybersecurity strategies developed for data-centric information technology are not necessarily suitable for protecting operational technology, where availability, rather than confidentiality, is the key security concern, says Vikram Kalkat of Kaspersky Lab.
Facebook is aiming to make account recovery and password resets more secure with a new, updated approach that eliminates outdated weaknesses such as emailed reset links, SMS messages and security questions.
Offspring of the Zeus banking Trojan continue to spring to life. Functionally, however, security experts say most POS-infecting banking malware remains almost identical. So why aren't more organizations putting well-known defenses in place?
Nearly three years after the Heartbleed bug - and 600,000 vulnerable servers - was discovered, the vulnerability lives on. The latest scans still count 180,000 at-risk servers. Why won't this bug just die?
President Trump is reportedly preparing to issue an executive order calling for a review of the nation's cybersecurity capabilities and vulnerabilities. The pending report outlines a series of steps to be taken within 60 days of the signing of the order.