The latest ISMG Security Report leads with a profile of Rob Joyce, the National Security Agency operative who is reportedly under consideration to be President Donald Trump's top cybersecurity adviser. Also, cybercriminal ties with Russian intelligence and the lifespan of zero-day vulnerabilities.
The source code for the Mirai botnet has been updated to launch DDoS amplification/reflection attacks, although so far that capability hasn't been used, says Gary at Arbor Networks. Even so, DDoS defense planning remains essential.
The rapid evolution of malware and proliferation of solutions have created a state of chaos for security leaders, says Naveen Palavalli of Symantec. What strategy and solutions will help restore order to anti-malware defense?
Leading the latest edition of the ISMG Security: A deep dive into the WikiLeaks release of thousands of documents that appear to lay open in detail the CIA's computer hacking techniques Report. Also, tackling the rise of attacks targeting the internet of things.
When it comes to massive DDoS attacks powered by the likes of a Mirai botnet, "the sky is not falling," says ESET security researcher Cameron Camp. But organizations do need to prepare - and here's where to start.
A look at the return of the Crypt0L0cker ransomware leads the latest edition of the ISMG Security Report. Also, assuring the security of medical devices; and U.S. federal prosecutors drop charges against a child porn suspect rather than reveal the hacking technique used to ensnare him.
To meet the increasing customer demands for effective solutions, security vendors must ensure their products work together well, says Dr. Mike Lloyd of RedSeal. This is particularly essential to achieving "digital resilience," the ability to promptly detect and respond to network intrusions, he says.
With Verizon's data breach investigations team finding that 90 percent of breaches trace to a phishing or other social engineering attack, lead investigator Chris Novak says that using multifactor authentication should be a no-brainer for all organizations.
When trying to detect which security events are malicious, analysts have long battled signal-to-noise problems. LogRhythm's James Carder describes how behavioral analytics, case management, security automation and threat intelligence can help.
The European Union's General Data Protection Regulation, which will be enforced beginning in May 2018, will affect organizations throughout the world because it applies to any company that handles Europeans' personal data, says Fred Kost of HyTrust.
Leading the latest edition of the ISMG Security Report: The death of former White House Cybersecurity Coordinator Howard Schmidt, and a report on legislation to strengthen the influence of the National Institute of Standards and Technology on federal civilian agencies.
The technology and know-how exists to build a hack-proof computer, but doing so won't be easy, says Howard Shrobe, principal research scientist at the Massachusetts Institute of Technology's Computer Science and Artificial Intelligence Laboratory.
Paid breach notification site LeakedSource has disappeared. Given the site's business model - selling access to stolen credentials to any potential buyer - breach notification expert Troy Hunt says the site's demise is no surprise.