As a report surfaced July 29 that the campaign website of presidential nominee Hillary Clinton was hacked, the Democratic Congressional Campaign Committee confirmed that it was breached shortly after the Democratic National Committee announced that it, too, had been hacked.
Ransomware gangs are employing "customer service" agents to field victims' queries in an attempt to maximize their illicit profits, according to security firm F-Secure, which describes the encounters of someone posing as a victim.
CISOs face the continuing challenge of how to clearly communicate information security risk to the board and senior management. But now they can take advantage of a free metrics framework designed to help evaluate an organization's cybersecurity readiness. Phil Cracknell of ClubCISO describes the effort.
The Global Cyber Alliance is taking on small projects to come up with solutions to big cyber risk problems. "It's essentially using a startup approach to a much bigger problem," CEO Phil Reitinger, who will keynote the upcoming ISMG New York Fraud and Breach Summit, says in this interview.
For years, organizations have been threatened by DDoS attacks on several fronts, ranging from
volumetric attacks to application-level and DNS strikes. Now come ransom-based attacks.
In this interview with Trey Guinn - head of solution engineering at CloudFlare - he discusses the importance of matching your DDoS...
Healthcare, more than any other industry, is increasingly in the crosshairs of attackers who seek to cause business disruption through evolving attacks such as ransomware. It's inevitable, frankly, that the vast majority of healthcare organizations will be diagnosed with ransomware. How must they prepare? What...
CISOs must be empowered to define the security architecture for smart cities. How? By securing endpoints of known and unknown device categories in the network, says David Dufour, head of security architecture for smart cities at Webroot.
Only 34 percent of surveyed security leaders say they have
high confidence in their organization's ability to detect and
prevent fraud before it results in serious business impact.
Among the reasons why they lack confidence:
Today's fraud schemes are too sophisticated and evolve too quickly (56 percent
This white paper analyzes the findings of a survey, carried out by Ovum with the sponsorship of
Distil Networks, into the state of application programming interface (API) security. We asked 100
companies across a variety of industries in North America, Europe, and Asia-Pacific, ranging from
midmarket firms to large...
Healthcare is in the middle of a major evolution toward digital, personalized medicine and the empowered patient. This massive push toward digital medicine brings about numerous security and interoperability challenges, including a shift in thinking from "supposedly known users" to "secure and trusted identities."...
Given the severity of credential hijacking currently taking place, securing Microsoft Active Directory Services and relevant privileged credentials has become a top business priority. In 2015, over 75 percent of all compromised records from data breaches was traced directly to the loss or theft of a privileged...
The Obama administration is implementing a presidential policy directive designed to coordinate response to a large-scale cyber incident that poses a threat to national security, foreign relations, the U.S. economy, public confidence, civil liberties or public health and safety of Americans.
Implementing a successful cybersecurity strategy in light of advanced threats calls for operationalizing three key principles: visibility, identity and risk, says Zulfikar Ramzan, chief technology officer at RSA.
A new portal - NoMoreRansom.org - aims to help ransomware victims avoid having to pay ransoms to get their data back. Backed by Dutch and EU law enforcement agencies, plus security firms Kaspersky Lab and Intel Security, the site includes the first decryptor for Shade ransomware.