Leading the latest edition of the ISMG Security Report: A preview of next week's Fraud and Breach Summit in Chicago, which will feature keynoter Brett Johnson, a former cybercriminal who now advises organizations on fighting crime.
A health system's decision to reportedly suspend about a dozen employees for apparently snooping at health records related to the tragic death of a co-worker spotlights the many challenges involved with preventing and detecting insider breaches.
Just one click: That's all it takes for a victim to inadvertently grant attackers access to their email account via a third-party application. Here's how to spot signs of OAuth-related hacking and how to defend against it.
Government regulation is key to minimizing the misuse of cryptocurrencies for cybercrime, says Brett Johnson, a former cybercriminal who now consults on crime prevention. But regulating cryptocurrencies is no easy task, he acknowledges. Johnson will keynote ISMG's Fraud and Breach Prevention Summit in Chicago.
About three dozen major health data breaches have been added to the federal tally in recent weeks, including a mix of hacking and unauthorized access/disclosure incidents. Here's an analysis of the latest statistics and the reasons behind the trends.
Human resources software developer PageUp says it doesn't appear that personal data exposed in a malware attack was actually removed from its systems. But it has also found authentication error logs that recorded incorrect login attempts from before 2007.
Cyber extortion group Rex Mundi has been shut down following the arrest of seven suspects in France and a French national in Thailand, police say. Investigators began pursuing the group last year after it stole customer data from a British firm and demanded $770,000 to not publicly release it.
There's data breach good news and bad news for organizations in Europe, the Middle East and Africa, says Mike Trevett of FireEye's Mandiant. In general, attackers are dwelling in networks for less time before being discovered, except for some particularly long-lasting breaches in EMEA.
Cybersecurity insurers, faced with growing demand, are looking for new ways to better measure their risks, says Aleksandr Yampolskiy, CEO of SecurityScorecard. So some are moving toward more carefully scrutinizing the cybersecurity postures of their potential clients.
99% of account takeover attacks begin with automation, and they pave the way for future ATO. Today's sophisticated scripts can bypass traditional measures that rely purely on device intelligence or static data. Learn how to block sophisticated attacks with behavioral biometrics before they create fraud losses.
The anti-Kaspersky Lab rhetoric continues to heat up, with the European Parliament passing a motion that brands the Moscow-based firm's software as being "confirmed as malicious." In response, Kaspersky Lab has halted all work with European institutions, including Europol, pending clarification.
Nearly three weeks after human resources software vendor PageUp discovered malware on its system, the tally of what data was exposed remains unclear, although successful job applicants appear to have been hardest hit.
Security leaders have been addressing the global skills gap for better than a decade now, with little to show for it.
However, there is a new approach - leveraging software as a service to make up for the staffing shortfall.
The discussion really starts with software as a service. If you look at the benefits of...