As many as 250,000 credentials for Remote Desktop Protocol servers around the world may have been offered for sale on the now-shuttered xDedic cybercrime marketplace. So what can organizations do to mitigate related risks and avoid a major network intrusion?
Britain's surprise vote to "Brexit" the European Union leads the ISMG Security Report. Also hear analysis on a cybercrime forum selling remote server access; Comodo being in hot water by saying "let's encrypt"; and why Facebook CEO Mark Zuckerberg covers his webcam with tape.
A hacker is reportedly selling on the dark web copies of databases stolen from three unidentified U.S. healthcare organizations and one unnamed health insurer containing data on millions of patients. Why are such postings becoming more common, and what can organizations do to avoid becoming the next victim?
Comodo made no new friends last week when it claimed that a nonprofit project, Let's Encrypt, stole its business model. Now, the digital certificate giant says it will not pursue applications aimed at securing trademarks using the phrase "Let's Encrypt."
While PCI compliance is a priority for many U.S. retailers, some major companies in Australia say they'd rather forego the cost of compliance and risk the possibility of steep fines if a card breach occurs.
In an in-depth interview, Michael Sentonas of breach response specialist CrowdStrike discusses how a focus on malware detection may still be leaving organizations exposed and describes the firm's new efforts in the Asia-Pacific region.
Let's Encrypt is crying foul over trademark applications made by Comodo that use the nonprofit project's name. Comodo is refusing to back down, which has drawn the large digital certificate vendor wide criticism.
In the wake of a majority of British voters opting to leave the European Union, the U.K. Information Commissioner's Office argues that the country should still comply with the EU's data privacy rules. But will politics get in the way?
Despite police disrupting alleged DDoS extortion gangs such as DD4BC, inexpensive stresser/booter services have enabled copycats to continue these attacks, says Akamai's Martin McKeay. Here's how organizations can defend themselves.
The U.S. Securities and Exchange Commission has obtained an emergency court order to freeze the assets of U.K. citizen Idris Dayo Mustapha, who it accuses of hacking into individuals' brokerage accounts to engineer and profit from stock price fluctuations.
Kaspersky Lab says that its original estimate of how many remote desktop protocol server credentials were offered for sale in the now shuttered online cybercrime marketplace xDedic may have been far too low, based on new data coming to light.
With ransomware attacks surging, all organizations should ensure they have an enterprise backup and disaster recovery plan in place, and eliminate all unnecessary, outdated or disused applications and services running on endpoints and servers, says ESET's Mark James.
In the event of a "Brexit" - British exit - from the European Union following this week's referendum, the U.K. would likely still have to comply with EU data protection laws, but also face cybercrime-related policing and prosecution challenges.
Following the SWIFT-focused hack attacks, a U.S. government watchdog agency is auditing the Federal Reserve's effectiveness when it comes to ensuring that U.S. banks have robust information security and data breach prevention programs in place.