The Trump administration has belatedly announced that hackers tied to the government of North Korea were behind the WannaCry ransomware outbreak that began in May and infected more than 200,000 endpoints across 150 countries. Why is the White House only now airing its attribution?
Legislation pending in Congress that would offer protections for companies and individuals who seek to "hack back" in retaliation against cybercriminals who have attacked them is a bad idea, contends Alan Brill of Kroll.
The latest ISMG Security Report leads with a report on a malware attack on an industrial safety system that experts contend could threaten public safety. Also, legislation giving DHS's cybersecurity unit a meaningful name progresses through Congress.
With just a few months left until the EU's General Data Protection Regulation will be enforced, too many so-called "experts" are spreading fear and falsehoods about the regulation, says Brian Honan, a Dublin-based cybersecurity consultant, who clarifies misperceptions in an in-depth interview.
A new U.S. law signed by President Donald Trump prohibits federal agencies from running anti-virus software from Moscow-based Kaspersky Lab. The company criticized the action, saying it's being singled out based solely on where its corporate headquarters is located.
Most of the criminal activity targeting today's enterprises originates at the endpoint, and the majority of modern breaches use known threats or vulnerabilities for which a patch already exists. For this reason, endpoint visibility must be complete and continuous.
Cybercriminals continue to rely on individuals who undertake the risky operation of moving illicit proceeds from one location to another. But these "money mules" face a multitude of risks, including imprisonment, police warn.
The latest ISMG Security Report features a special report on securing medical devices. Healthcare security leaders from the FDA, an academic medical center and a medical device manufacturer share their insights on the challenges involved.
The hacker to whom Uber paid $100,000 to destroy data and keep quiet about its big, bad breach is a 20-year-old man living in Florida, Reuters reports. But numerous questions remain about the 2016 breach, including whether the payment was a bug bounty, extortion payoff or hush money.
If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. That's the position of Terry Cutler, an ethical hacker who dedicates his time to testing organization's cybersecurity defenses - and their people.
As data breaches increase in scale and frequency, businesses must ensure an effective, swift and well-orchestrated response. To help them, ISMG on Wednesday and Thursday will host a Fraud and Breach Prevention Summit in Mumbai offering insights from 20 leading CISOs and many other experts.