Data centers are difficult to defend, and securing the perimeter is important but of little consequence if attackers get inside. But there are ways to lock down data centers, former White House strategist Nathaniel Gleicher explains in this interview.
Following the $81 million Bangladesh Bank hack, "persistent, adaptive and sophisticated" attackers have continued to compromise banks' local security controls to send fraudulent money-moving messages via SWIFT's interbank messaging network, and, in some cases, successfully steal money, SWIFT warns.
Brazen ATM thefts from financial institutions in Taiwan and Thailand have sent a shiver through the global banking industry. An inside look at the malware used in the attacks reveals attackers' clever, incremental improvements.
Intelligence agencies sometimes seek out and develop exploits for the very technology that their nation's organizations rely on to secure their data. In an interview, cybersecurity expert Alan Woodward offers insights on how information security professionals should respond.
In an interview, Internet pioneer Vint Cerf says he sees a secure future for the network of networks he helped create four decades ago as the co-developer of TCP/IP, the protocol that facilitates internet communications.
Thai police say they have identified all of the suspects allegedly involved in recent "jackpotting" malware attacks against 21 ATMs, leading to the theft of 12 million baht ($350,000). The malware is a new strain called "Ripper," raising concerns for banks worldwide.
A report on an FBI warning to state election officials that their IT systems could be hacked leads the latest edition of the ISMG Security Report. Also, Australian officials mull bitcoin technology to secure elections.
A UAE-based activist targeted by a rare and valuable remote exploit for Apple's mobile software has caused concern over the continued sale of powerful spying tools to governments with poor human rights records.
Cisco has begun releasing updates for all ASA devices to patch them against a buffer overflow vulnerability that was targeted by leaked Equation Group attack tools. Attackers can exploit the flaw to gain remote control of ASA devices.
The process of managing software vulnerabilities inside the enterprise is complicated by the sheer number of patches that must be assessed, applied, tested and rolled out, says Wolfgang Kandek of Qualys, who offers suggestions on how to better focus those efforts.
If leading intelligence agencies can seemingly hack a wide variety of IT gear, what hope is there for enterprise security? Experts describe how organizations should respond to the recent dump of attack tools from the Equation Group, which is widely believed to be tied to the NSA.
Ransomware gangs increasingly target organizations - including hospitals and banks - that might be able to recover from such attacks, but not in a timely manner, says Verizon's Mark Rasch. Learn how well-honed incident response plans can help.
Too often when organizations get shaken down by online criminals, they panic, and in the process make the predicament they're facing even worse, warns digital forensic investigator Ondrej Krehel in this video interview.