From nation-states to organized crime and malicious insiders, organizations are under siege from a variety of adversaries and threats. But how do they focus on the ones that matter most? James Lyne of Sophos offers insight.
Tata Communication's Avinash Prasad clears up misconceptions about the emerging security-as-a-service model and describes the role it can play, especially at organizations growing through mergers and acquisitions.
The FBI says reported losses due to internet crime last year totaled $1.3 billion, based on nearly 300,000 complaints logged with its Internet Complaint Center. It warns that CEO fraud, ransomware, tech-support fraud and extortion are becoming increasingly prevalent.
Good news: Exploits kits are in decline, thanks to concerted efforts to disrupt their efficacy. Unfortunately, criminals are diversifying their attacks, focusing more on social engineering - including tech-support scams - and malicious spam campaigns.
Hackers can breach air-gapped voting machines and tallying systems in an attempt to alter ballots to sway the outcome of an election, a Senate panel has learned. Also, at the hearing, DHS discloses that Russian hackers targeted 21 state election systems before the 2016 election.
The European Parliament and European Commission are pushing for mandatory end-to-end encrypted communications, and banning backdoors, as part of the EU's rebooted e-privacy regulation. But the move runs counter to anti-crypto rhetoric being spouted by government ministers in Britain and France.
One month after the SMB-targeting WannaCry worm outbreak began spreading globally, Honda discovered fresh infections at multiple facilities, and was forced to temporarily idle one plant as a result of the ransomware.
South Korean web hosting firm Nayana has agreed to pay attackers a record-shattering $1 million to unlock 153 Linux servers crypto-locked by ransomware. Security researchers say the infection was likely exacerbated by the company running ancient versions of the Linux kernel, as well as Apache and PHP.
Concerns over Russian hacking of state election systems are mounting. In New York, Gov. Andrew Cuomo has ordered a review of security efforts related to state elections. On Capitol Hill, Sen. Mark Warner wants DHS to release additional details relating to cyberattacks targeting state election systems.
A data analytics firm aligned with the Republican Party says it accepts "full responsibility" after it exposed online a list that includes virtually all U.S. voter registration records along with extensive research that attempts to guess people's political views.
A new dump from WikiLeaks has revealed an apparent CIA project - code named "CherryBlossom" - that since 2007 has used customized, Linux-based firmware covertly installed on business and home routers to monitor internet traffic and exploit targets' devices.
GDPR is in effect, and in one year, regulators will start to assess penalties against enterprises not in conformance with the regulation. How prepared are entities? Will it take a high-profile penalty to get the world's attention? Michael Hack of Ipswitch weighs in.
Cybercriminals and nation-state threat actors are beginning to act alike - and that's bad news for cybersecurity leaders and their enterprises, says Eward Driehuis of SecureLink. Here are the trends to track.
Clothing retailer Buckle says malware installed on its point-of-sale systems apparently stole customers' payment card details for nearly six months. Buckle's warning, which follows a breach alert from Kmart, shows the fight against payment card fraud is far from over.
Britain's security services have reportedly concluded that the WannaCry ransomware outbreak was launched by Lazarus group, a hacking team tied to North Korea. Attribution aside, security experts question how many organizations can defend themselves against Lazarus attacks.