Cloud services firm Coupa is one of the latest business email compromise victims, after a fraudster pretending to be its CEO faked out the HR department and stole all of its 2016 employees' W-2 forms. Security experts say rigorous training remains the only viable defense.
As challenging as ransomware has proven to be against so many organizations across regions and sectors, certain characteristics actually can help defenders gain an edge at detecting malware. Lastline's Engin Kirda explains how.
"Ransomware is a threat that needs to be taken seriously," says Kirda, cofounder and chief...
As effective as ransomware has proven to be in attacks against so many organizations across regions and sectors, certain characteristics actually can help defenders gain an edge in detecting malware. Lastline's Engin Kirda explains how.
Yahoo CEO Marissa Mayer will lose her cash bonus after an independent investigation into security breaches at the search giant found that the company's senior executives and legal team failed to properly comprehend or investigate the severity of the attacks.
For any of the tens of thousands of organization that may be smarting from this week's Amazon Web Services and Simple Storage Solution (S3) outage, take the following advice to heart: "You must kill your darlings."
The best starting point for effectively safeguarding data and protecting against breaches is to clearly understand what kind of data an organization has, where it's located and the risks, says Jason Hart of Gemalto.
Vishal Salvi is a security leader who has worked in business, left to be a consultant, and now returned to business again. What new perspectives does he bring to his role as CISO at IT services firm Infosys?
Phil Reitinger, CEO of the Global Cyber Alliance, a group he describes as a "coalition of the angry," describes how it has channeled this anger into action and tells why he believes the U.S. is in step one of a 12-step cybersecurity program.
New Zealand's privacy commissioner is recommending new civil penalties against companies of up to NZ$1 million (US$718,000) for a "serious" data breach in light of sterner penalties adopted by Australia and the European Union.
The exploitation of known, but unmitigated, vulnerabilities is the primary method of compromise for most threats since attackers are able to easily and cost-effectively leverage existing vulnerabilities for effective and profitable outcomes. It's time to align your vulnerability management priorities with the biggest...
Data security law continues to evolve. Enactment of the General Data Protection Regulation (GDPR), which takes effect May 25, 2018, will impose formal, new data security requirements on organizations with business operations in the European Union or handling data of EU citizens. Adoption of the new GDPR is motivating...
FS-ISAC is collaborating with the Monetary Authority of Singapore to establish the Asia Pacific Regional Intelligence and Analysis Center to encourage regional sharing and analysis of cybersecurity information within the financial services sector. Security experts weigh in on the value of the initiative.
Most organizations that enable users to perform online transactions have implemented security measures to address fraud. Currently, one of the most common safeguards used in a wide array of products/services is two-factor authentication (2FA).
In recent years, 2FA has become employed by global tech leaders like...