What matters most, right now, to the information security community? At RSA 2018, RSA's president said WannaCry was a wakeup call for vulnerability and risk management. Other experts see artificial intelligence, machine learning and secure coding as hot trends.
Business email compromise and account takeover attacks haven't faded; they've just morphed. Wes Dobry of Agari discusses the new wave of these attacks and how organizations can do a better job of detecting and responding to them.
Attackers rarely bother with technical sophistication when easy social engineering schemes, such as "hacking" a victim's social network and using it against them, can give them what they want, says Markus Jakobsson, chief scientist at the cybersecurity firm Agari.
Police have charged 20 Romanian and Italian nationals with running spear-phishing attacks that stole more than $1 million from online bank customers. Phishing remains a favored criminal technique for harvesting account credentials and cryptocurrency, as well as corporate secrets.
States will not have the full range of much-needed cybersecurity practices and equipment in place for this year's U.S. midterm elections. But efforts underway might deliver many much-needed improvements in time for the 2020 elections, Homeland Security Secretary Kirstjen Nielsen tells a Senate committee.
Facebook CEO Mark Zuckerberg broke five days of silence as pressure intensifies on Facebook to account for a data leak to a voter-profiling firm that worked for the Trump campaign. In a lengthy blog post, Zuckerberg has pledged to make changes to better protect personal data. But is it too late?
Cybersecurity will again be in the spotlight at this year's Healthcare Information and Management Systems Society conference, March 5 to 9 in Las Vegas. The event will feature numerous CISO presentations, updates from regulators and displays of the latest technologies.
Google is prepping its Chrome browser to brand as "not secure" every site a user tries to visit that does not use HTTPS encryption by default. The move is meant to push more sites to use HTTPS to secure communications and help block eavesdropping and man-in-the-middle attacks.
Blockchain technology already underpins the boom in cryptocurrencies, but it is also being rigorously tested and developed for other applications, including identity and access management. Such projects could make personal data easier to secure and less vulnerable to data breaches.
So what actions can we expect in 2018 from the Department of Health and Human Services' Office for Civil Rights as it enforces the HIPAA privacy, security and breach notification rules? Making a prediction is difficult, given all the changes at HHS.
Are you an accused Russian hacker who's been detained on foreign soil at the request of U.S. authorities? Bad news: While Mother Russia will go to court to try to bring you home, your odds of resisting U.S. extradition don't look good.
Dozens of lively discussions sprung up among the healthcare CISOs, legal experts and leaders from government agencies and technology vendors at Information Security Media Group's Healthcare Security Summit in New York. So what are some of the key takeaways?
In the wake of recent massive data breaches, such as the Equifax hack, a flood of stolen data is leading to a whole new wave of account takeover crimes, says Emma Mohan-Satta of Kaspersky Lab. How can organizations refine their defenses?