Ethiopian dissidents living overseas had their devices infected with spyware made by an Israeli defense company, Canadian researchers allege. Their findings have revived longstanding concerns over some governments' potential abuse of powerful surveillance tools.
The HITRUST Cyber Threat Xchange played a role in making U.S. healthcare organizations aware of the worldwide WannaCry ransomware campaign early enough to help them thwart the threat, says HITRUST's Elie Nasrallah.
Two-factor authentication solutions face two problems: They are not widely adopted, and attackers find them far too easy to crack. What's the answer? New risk-based multifactor solutions, says Jim Wangler of SecureAuth.
In the latest blow to Kaspersky Lab, the U.K. government is warning that the Russian anti-virus vendor's software should not be used on computers that handle classified information. British bank Barclays has also ceased giving away Kaspersky's AV software to its customers.
In an era where users are working simultaneously across mobile, social and cloud applications and platforms, organizations need to deploy identity and access management solutions that can scale and adapt quickly. IBM's Sean Brown describes the rise of Identity as a Service.
An international police operation has resulted in the disruption of the long-running Andromeda botnet and associated Gamarue crimeware toolkit. Andromeda has been used to distribute 80 types of malware, including backdoors, banking Trojans and ransomware, security experts say.
The U.K.'s privacy watchdog has launched a probe after some Members of Parliament admitted they share email passwords or leave workstations unlocked. The MPs were attempting to defend a colleague who's been accused of downloading and viewing pornography on his work PC.
Email, which is too easily spoofed, phished or taken over, remains a leading cybersecurity risk. But finally, after years of pushing, the Domain-based Message Authentication, Reporting and Conformance standard, or DMARC is helping to bolster email security, says Phil Reitinger, CEO of the Global Cyber Alliance.
Denial of Service, web application layer attacks, credential abuse and IoT - these are the attack trends and vectors that will make headlines in 2018. Ryan Barnett of Akamai offers insight into how to prepare your defenses.
If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. That's the position of Terry Cutler, an ethical hacker who dedicates his time to testing organization's cybersecurity defenses - and their people.
As data breaches increase in scale and frequency, businesses must ensure an effective, swift and well-orchestrated response. To help them, ISMG on Wednesday and Thursday will host a Fraud and Breach Prevention Summit in Mumbai offering insights from 20 leading CISOs and many other experts.
New research shows that the automation of five key security controls is lacking at a majority of organizations, says Ted Gary of Tenable.
A key reason why: the lack of skilled cybersecurity professionals.
Improving network security requires understanding your environment and controlling it before implementing network segmentation, says Nathaniel Gleicher of Illumio, who explains lessons that can be learned from the Secret Service's approach.