Memo to would-be cybercriminals: Want to move stolen funds internationally to bank accounts that you control? Need to route the funds to a few money mules to get it laundered? Don't do it from a system tied to an IP address registered to your home.
An internal investigation into the February theft of $81 million from the central bank of Bangladesh reportedly found that a handful of negligent and careless bank officials inadvertently helped facilitate the heist by outside hackers.
Coming soon to an internet service provider near you: routers infected by IoT device botnet-building malware such as Mirai. The latest victim is ISP TalkTalk, which is updating routers to block DDoS attackers who have been seizing control of the devices.
Visa and MasterCard have pushed back their EMV fraud liability shift date for U.S. pay-at-the-pump gas terminals from October 2017 to October 2020. They made the right decision, given the relatively low rates of card fraud at gas pumps.
Today's ISMG Security Report leads off with House Homeland Security Committee Chairman Michael McCaul and DHS Secretary Jeh Johnson lamenting about the congressional bureaucracy that hinders passage of needed cybersecurity legislation.
Many members of Britain's Parliament regularly use technology - and tech firms - as a scapegoat for intractable social issues or failed government policies. Does the country's new mass surveillance law now enshrine technology scapegoating into law?
The Internet Archive, a pioneering 20-petabyte digital repository, is raising funds to replicate its data in Canada. The group's founder fears that the election of Donald Trump as the next U.S. president portends an uncertain privacy rights future.
Healthcare entities must perform security due diligence when they consider introducing emerging technologies - including "internet of things" devices - into their environments, says attorney Stephen Wu, author of a new book on HIPAA compliance.
Vulnerable firmware has been highlighted again in a range of low-cost Android phones, raising concerns over their security. This latest incident comes 11 months after security analysts first raised flags.
Adobe will pay a small financial penalty to 15 states to resolve consumer protection and privacy claims following a data breach that affected 38 million active user accounts. The company's legal fees associated with the incident are likely far higher than the settlement amount, experts say.
An analysis of how the Donald Trump administration will address health IT security and privacy leads the latest edition of the ISMG Security Report. Also, the ramifications of a big breach, and an FBI agent tackles ransomware.
Western experts evaluating China's new cybersecurity law contend it will do very little to safeguard information but will erode privacy rights and make it harder for foreign enterprises to do business in China.