Detecting and preventing advanced attacks isn't just a technology issue - it's a business risk that needs to be elevated to the highest levels of an organization. Trend Micro's Tom Kellermann shares strategies.
This week's top reported breach incidents, including the report by Hold Security warning that a Russian cyber gang had breached 1.2 billion passwords, all have one thing in common: They leave numerous questions unanswered.
Expect every new warning of cybercrime attacks, online espionage or the malware du jour to be slickly marketed, with the announcements carefully timed. But is this bad for either the information security community or attackers' victims?
A report that a Russian hacker group dubbed "CyberVor" is hoarding more than 1 billion stolen passwords triggered worldwide concern, but security experts caution that scant details have been revealed, making the threat tough to judge.
Today's sophisticated attackers use ever-stealthier malware and zero-day exploits to evade traditional security defenses, making organizations increasingly vulnerable to advanced persistent threats (APTs). These APTs seek to exfiltrate critical data over the long term.
A Russian cyber gang has breached over 420,000 web and FTP sites to pilfer over 1.2 billion credentials, according to Hold Security, saying it discovered "what could be arguably the largest data breach known to date."