Gartner's Avivah Litan is just back from a trip to Israel, and she's particularly enthusiastic about the new topic of "offensive defense." What is the concept, and what security controls does it require?
SecureWorks has released its new Cybersecurity Threat Insights Report, and Matt Eberhart, vice president, says the key takeaways are about automation, orchestrations and the evolution of the security operations center.
A large malware campaign first discovered in Poland may have affected financial institutions in 31 countries. Technical clues point toward the Lazarus group, believed to be linked to North Korea, which used the Sundown exploit kit, researchers say. But attributing cyberattacks is tricky.
New Zealand's privacy commissioner is recommending new civil penalties against companies of up to NZ$1 million (US$718,000) for a "serious" data breach in light of sterner penalties adopted by Australia and the European Union.
Russian police have arrested more suspected members of a cybercrime gang that used "Lurk" malware to steal nearly $30 million from Russian banks. Separately, a lead cybersecurity investigator's arrest on treason charges appears to be chilling cross-border cooperation.
A heavily revised draft of President Donald Trump's executive order on cybersecurity lays out initiatives to build upon the Obama administration's IT security programs rather than to radically change them. It's not yet clear when the president will sign the order, or whether it will be changed yet again.
Dozens of banks, governments and telecommunications companies have been struck by fileless malware, which resides in memory and leaves few traces for investigators, according to Kaspersky Lab. The use of open-source tools and utilities makes the attacks difficult to detect.
Harold Thomas Martin III, a former Booz Allen Hamilton contractor, has been indicted on 20 counts of stealing classified documents from a range of U.S. intelligence agencies. He faces up to 200 years in prison.
Exploit kits are out and phishing emails are in for attackers who are attempting to infect victims with ransomware, according to new research. Unfortunately, the volume of phishing - and thus ransomware - attacks continues to grow.
The House has passed a privacy bill that would strengthen the legal protection afforded to emails older than 180 days. The bill now moves to the Senate, where it died last year after some senators tacked on controversial, privacy-eroding amendments.
A digital forensic analysis of a new type of Mac malware reveals that it has a strong connection to Iran, researchers say. The malware, which turned up on the computer of a human rights advocate, tries to steal authentication details from macOS's Keychain.
InterContinental Hotels Group is warning customers that malware infected point-of-sale devices at a dozen of its hotel restaurants and bars in North America and the Caribbean for up to four months in 2016. But it's unclear if the breach ties to reported exploits involving POS service providers.