The former CEO of Yahoo, which has had 3 billion records exposed in a 2013 data breach, testified at a Senate hearing that it's tough for any corporation to defend against nation-state backed cyberattacks. That led senators to grill Marissa Mayer about the security steps Yahoo had taken.
Fraudulent SWIFT money-moving attacks continue, as one of Nepal's largest private-sector commercial banks, NIC Asia Bank, says attackers tried to steal $4.4 million after hacking its SWIFT server. Most of the funds have since been recovered.
Equifax says four senior executives - including its CFO - did not know the company had suffered one of the worst breaches in history when they collectively sold about $1.8 million worth of shares. Equifax's board found that 12 days elapsed before the first of the four learned about the hack.
Thom Langford, CISO of Publicis Groupe, says all companies should consider two essential elements when crafting an incident response plan: strong legal representation and a communications plan that considers both internal and external messaging.
The National Health Service in England should have been able to block the "unsophisticated" WannaCry ransomware outbreak, U.K. government auditors have found. Security experts say the findings should be studied by senior executives across all industries to "learn from the mistakes of others."
Analysts and investigators need a data-centric, analytical environment that can uncover networks, patterns and trends that can be hidden in a mass of disparate data to combat modern, sophisticated criminal, and terrorist activity.
Download this whitepaper and learn how the i2 Analyst's Notebook Premium:
Developing safe and effective information sharing practices to foster greater interoperability presents big challenges. As information sharing becomes increasingly vital in building resilient cybersecurity, the need to put a strong, collaborative structure in place is critical.
Although there are many options for...
The recent Equifax mega-breach demonstrates how essential it is to have a robust, well-tested incident response plan in place that includes a strong public relations component, says Heath Renfrow, CISO at U.S. Army Medicine
The chairman of the Securities and Exchange Commission, Jay Clayton, promised the Senate banking committee Tuesday that his agency is pursuing numerous cybersecurity improvements in the wake of a May 2016 breach.
In today's dynamic threat landscape, "real-time" is the operative phrase - and it needs to apply both to threat detection and incident response, says Tim Bandos of Digital Guardian. What are the required security controls and tools?
Yes, malware commonly targets the Windows operating system. But if you limit malware analysis to Windows OS, you're leaving gaping vulnerabilities, says Christopher Kruegel of Lastline Inc. Here's how to maximize your analysis.
Kruegel, CEO of Lastline, says that one common limitation of malware analysis is that...
After a breach, businesses need to know their incident response from their digital forensics. Hint: Forensics enables organizations to know what happened, when and how, to guide incident responders as they defuse the problem, block further exploits and quickly restore all systems and data. Incident response expert...
Who is behind the threats that face your organization? To implement security measures that put your attackers on defense, you must know their profile and motivations.
Download this infographic and learn about:
The motivations of different attackers;
The different tactics attackers deploy;
How threat intelligence...
The U.S. federal government and many states haven't conducted forensic investigations into the election systems probed by hackers prior to the 2016 election. An investigation by the New York Times has found two more providers of election systems that were breached.
Crew error - not hacking - remains the most likely explanation for this week's deadly collision between a U.S. Navy guided-missile destroyer and a merchant oil and chemical tanker off the coast of Singapore, experts say.