Hiring managers will need to get increasingly creative to find talent to fill their vacant information security positions, particularly in a shallow talent pool that is forecasted to get even thinner. Experts in the hiring trenches offer seven key tips to consider.
EDR (endpoint response and detection) products are powerful tools that provide a play-by-play of exactly what happened on a computer during and after an attack. But the products require the right expertise to get the most value, a Gartner analyst says.
Canadian Karim Baratov will be extradited to the United States after waiving his right to an extradition hearing. He's accused of being a "hacker for hire" for the Russian intelligence agents who allegedly perpetrated the 2014 Yahoo hack that resulted in 500 million user accounts being exposed.
A U.K. tabloid newspaper is reporting that a contractor that provides services to the National Health System has been attacked by a hacker who claims to have stolen 1.2 million patient records. But the contractor claims it was the victim of a much smaller breach and no patient records were accessed.
As threats and threat actors multiply and evolve, digital attribution becomes ever more critical, says Gartner's Avivah Litan. She discusses how to approach attribution and also offers her take on the technologies that could help secure U.S. elections.
Ukraine's central bank has warned state-owned and private banks that a new malware campaign targeting financial services firms across the country may be a prelude to a new assault of Not-Petya proportions, Reuters reports.
At ISMG's recent New York Fraud & Breach Prevention Summit, attendees interacted with technology solution providers and other thought leaders, gaining practical insights on solving real-world problems.
Hackers have been targeting the Scottish Parliament in a "brute force cyberattack" aimed at guessing users' email passwords. Security experts say it's unlikely that state-backed attackers would resort to such a blunt assault.
Philips plans to fix alarming vulnerabilities in a web-based application used to track patient radiation exposure. Versions of the DoseWise Portal mistakenly shipped with errors, including hard-coded credentials for a database and lack of encryption for patient data.
The recent online leak of an episode of HBO's Game of Thrones, which has been linked to four insiders at a company that handles data for Star India, has put the spotlight on strategies for mitigating insider threats.
Danish shipping giant Maersk faces losses of $200 million to $300 million as a result of the NotPetya global malware outbreak. Others, including FedEx and household goods manufacturer Reckitt Benckiser, are also beginning to estimate NotPetya's financial impact on their business.
The 30-year-old protocol used by motor vehicle sensors to communicate may have to be rewritten following a proof-of-concept "error flooding" attack that can disable airbags, parking sensors and safety systems.
For just $80 per day, would-be cybercrime entrepreneurs can subscribe to Disdain, a new exploit kit that targets now-patched flaws in browsers and plug-ins, including Flash and WebEx. Disdain's debut shows that while exploit kits may have declined, they haven't died out.
The British security researcher credited with stopping the WannaCry ransomware outbreak pleaded not guilty Monday to charges that he developed and sold a type of malicious software that steals online banking credentials.