We know why phishing works; we know how it works. And yet the schemes still succeed, and they're only getting more effective. How can we stop phishing? Jim Hansen of PhishMe has some ideas, and they just might surprise you.
An overlooked security setting on Twitter may have allowed a hacker to guess the password-reset email addresses tied to accounts used by President Donald Trump, first lady Melania Trump, Vice President Mike Pence plus a top adviser. What's the risk?
An annual review of nine contractors providing Medicare with administrative services shows that while their information security programs were "adequate in scope and sufficiency," the number of gaps grew. Security experts say similar security issues, unfortunately, are common throughout the healthcare sector.
RSA Conference 2017 is coming to San Francisco from Feb. 13 to 17. What new sessions, speakers and venues should attendees expect to see? Conference organizers Linda Gray Martin and Britta Glade offer a preview.
The number of reported U.S. data breaches hit an all-time high in 2016, according to Identity Theft Resource Center. But for half of all breaches, the number of exposed records isn't known. And what about all of the breaches that just haven't come to light?
In this edition of the ISMG Report: An FTC complaint filed against a camera manufacturer could signal the start of a trend to regulate IoT security. Also, Donald Trump adviser Rudolph Giuliani's cybersecurity credentials are questioned, and a terrorist shooting prompts new privacy guidance.
A researcher claims WhatsApp has dismissed his finding that there's a backdoor in the application that could allow attackers to unlock encrypted messages. But the controversy is more nuanced - and for most of us, much less threatening - than it might first appear.
Yet another study reveals that millions of people are picking weak passwords, with "123456" remaining our collective favorite. Rules requiring stronger passwords and not forcing passwords to expire both could help boost security.
The U.S. Federal Trade Commission has filed a complaint against router and camera manufacturer D-Link for allegedly failing to secure its products. Experts say it's the opening salvo in what could be a long-term battle to fix IoT devices.
Security experts have seen a doubling in less than a day of successful attacks against insecure MongoDB databases in attempts to extract ransoms from their owners. What's the fix?
The English-language broadcaster RT, which has been closely linked to the Kremlin, is part of an ongoing Russian operation designed to sow distrust in democratic institutions, according to U.S intelligence agencies. Our collective poor cybersecurity practices only make its mission easier.
A new report from a bipartisan Congressional workgroup examining the benefits and challenges of the internet of things spotlights cybersecurity and privacy as top concerns. But will the new Congress take any action on these issues?
Medical device makers need to ensure they have procedures in place to take quicker action once they're alerted of cybersecurity issues in their products, says attorney Yarmela Pavlovic, who specializes in healthcare regulatory issues.
As the Trump administration begins, expect a ramp-up in cyber espionage as well as more "test attacks" by nation-states, says cybersecurity specialist Brad Medairy of the consultancy Booz Allen Hamilton.
Will more "historical" breaches be revealed in 2017 and beyond? Data breach expert Troy Hunt is optimistic that such revelations will become rare as large businesses operating online continue to improve security. But what about small and mid-size organizations?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.