We can see criminals are moving up the financial value chain from attacking lots of targets with smaller rewards to smaller numbers of targets with higher rewards
The healthcare sector has had plenty of significant data breaches so far this year. What can be learned from organizations' experiences? Here are three key lessons.
What's the best way to spring your citizens from foreign jail if they've been detained on U.S. hacking charges? That's a question that continues to plague Russia, including in the ongoing case against Aleksey Burkov, who's been charged with being part of a $20 million payment fraud scheme.
The U.S. National Security Agency is the latest intelligence agency to warn that unpatched flaws in three vendors' VPN servers are being actively exploited by nation-state attackers. Security experts say such alerts, which are rare, are a clear sign that serious damage is being caused.
"Cyberattacks are one of the unfortunate realities of doing business today," reads gaming company Zynga's data breach notification, thus breaking the first rule of crisis management: Own your mistakes. Hacker Gnosticplayers claims the company was still storing passwords using outdated SHA1.
Ahead of the release of Edward Snowden's memoirs chronicling his decision to bring illegal "big data" domestic U.S. surveillance programs to light, a former NSA intelligence specialist points out that the U.S. still lacks a whistleblowing law to protect intelligence workers who spot illegal activity.
Account takeover (ATO) attacks result in billions of dollars of fraud and damage to brand reputation each year. These are the costs and risks associated with ATO.
Organizations need to create a "defensible" cybersecurity program that has a mandate and executive endorsement, says Gartner's Tom Scholtz. I. Here are some points to keep in mind when drafting a program.
A new professional credential aims to help healthcare organizations bolster their security leadership bench strength, says William Brad Marsh, co-chair of a committee that developed the certification.
The SANS Institute's Cyber Workforce Academy is helping to address the shortage of cybersecurity pros by recruiting individuals from other fields and matching graduates with local employers, says Max Shuftan, who leads the institute's cyber talent division. The approach could serve as a model, he says.
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.
A powerful parliamentary committee has called on Britain's new prime minister - be it Boris Johnson or Jeremy Hunt - to make a decision "as a matter of priority" about the extent to which telecommunications gear built by Huawei should be used in the nation's 5G network.
Software vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.