Now that more breaches are targeting industrial control systems, organizations that have paid little attention to operational technology security must ramp up their protection efforts, says breach response expert Christopher Novak of Verizon.
With the rise of malware infecting IoT devices, DDoS defenders "have to assume that the attackers have an unlimited supply of machines that they can compromise," says Akamai's Michael Smith. But quarantines, ISP feedback loops and better patch management can bolster defenses.
Security software often generates so many warnings that it can be difficult to figure out which ones are the most serious. How can one differentiate good intelligence from bad? John Watters, founder of iSight Partners, discusses how to separate the signal from the noise.
Cyber espionage groups are using unconventional channels to hack target organizations, according to Mandiant' s latest research. Trusted service provider relationships are being exploited to compromise organizations in government and defense, says Rob van der Ende, Mandiant's vice president for Asia Pacific and Japan.
A variant of malware used to infect U.S. Democratic National Committee systems was also used to infect an Android app used by Ukraine's artillery forces, bolstering attribution of both attacks to Russia, says cybersecurity firm Crowdstrike.
As cybercriminals continue to wage more sophisticated, well-funded attacks, it's more urgent than ever to attract qualified professionals to careers in cybersecurity, Symantec CTO Dr. Hugh Thompson says in this audio interview.
The Obama administration has failed to reach agreement with 40 other nations on easing restrictions on exports of certain intrusion software, sometimes called "spyware," that could be exploited by repressive regimes - but also could be used to help secure computer systems.
The Shadow Brokers is offering more Equation Group attack tools for sale, payable in bitcoins. Experts say the dump appears designed to deflect attention from Russia's alleged meddling in this year's U.S. presidential election, but it may have originated from a rogue NSA insider.
Leading this latest edition of the ISMG Security Report: The growing momentum in Congress to establish a select committee to investigate breaches the American intelligence community has tied to the Kremlin to influence the U.S. presidential election.
President Barack Obama, saying the United States will retaliate against Russia for conducting hacks aimed at influencing the American presidential election, strongly suggests that Russian President Vladimir Putin authorized the cyberattacks against Democratic Party computers.
A report foreseeing homegrown hacktivists showing their displeasure with President-elect Donald Trump by launching cyberattacks against U.S. government sites leads the latest edition of the ISMG Security Report. Also, the details behind the 1 billion-record hack of Yahoo.
Hack attack victims often ask two questions: "Who did it? And can we hack them back?" But after an attack, with time of the essence for blocking further damage, those are the wrong questions for breached organizations to be asking, data breach response expert Alan Brill says in this audio interview.
How much time and effort will consumers put into protecting themselves from identity theft and financial fraud? That was the question posed by Aite Group's Julie Conroy in researching the new Global Security Engagement Scorecard. And the answer might just surprise you.
Leading the latest edition of the ISMG Security Report: an analysis of the impact on healthcare information security and privacy of the 21st Century Cares Act, which President Obama signed into law Dec. 13. Also, a report on the spread of malvertising and an update on the Bangladesh Bank cyber heist.
Hackers are increasingly taking advantage of new technologies, including analytics and artificial intelligence, to launch more sophisticated attacks and commit cybercrimes, Bill Fox, a former federal prosecutor, explains in this interview.