Thank Mark Zuckerberg's taped-over webcam and the Paris robbery of Kim Kardashian West for waking up the average consumer to the security risks they face from using technology and social media, social engineering expert Sharon Conheady says in this audio interview.
An explanation of how the FBI likely was able to quickly review 650,000 emails found on a computer shared by a top aide to Democratic Party presidential nominee Hillary Clinton leads the latest ISMG Security Report. Also, this week's ISMG Fraud and Breach Prevention Summit in London is previewed.
Did security vendor Cylance lean too heavily on decade-old research into weaknesses in a still-used electronic voting machine in order to get pre-election day headlines? A company spokesperson says no.
U.K. Chancellor Philip Hammond used the launch of Britain's new five-year National Cyber Security Strategy to trumpet the country's strike-back capabilities. But other parts of the strategy - including more automated defenses - hold much greater promise.
As if the internet of things didn't seem secure enough, now we have to worry about apps on our smartphones posing a risk too. At Black Hat Europe, researchers from Invincea Labs demonstrated zero-day flaws in Belkin's WeMo home-automation device firmware as well the WeMo Android app, which have been patched.
How did the FBI likely approach its examination of the computer of Hillary Clinton's close aide Huma Abedin to determine if it contained classified materials? Forensic expert Rob Lee explains just how such an examination occurs.
The Domain Name System is crucial to the functioning of the internet, but largely taken for granted - until it breaks. In an audio interview, Cricket Liu of Infoblox discusses how DNS providers must improve security.
Will the advent of faster payments in the U.S. open new doors for fraud? Business continuity and security are priorities for the Federal Reserve, says Marianne Crowe of the Boston Fed. But independent consultant Richard Party begs the question: Is the U.S. really ready?
I'm looking forward to this week in London, where Jason Tunn of the Metropolitan Police Service will walk us through a high-profile cybercrime investigation that resulted in the 2015 arrest of two British hackers with links to Russia after they attacked leading U.K. banks with the Dridex banking Trojan.
DDoS attacks apparently were directed at the small west African country of Liberia from the same botnet that struck networking services provider Dyn. Were the attacks just a test for a bigger attack to come?
The ransomware-as-a-service operation known as Cerber is earning at least $200,000 per month via ransoms paid by victims, says Check Point Software Technologies' Gadi Naveh. In an audio interview, he explains that bitcoins and high levels of automation are key to the operation's success.
Microsoft says a zero-day flaw in Windows that was publicly revealed by Google - before a patch was ready - was being exploited by the Russian hacking group known as ATP28 and "Fancy Bear" via spear-phishing attacks.
As investigations into the distributed denial-of-service attack on Singaporean ISP StarHub continue, experts believe that the scale of IoT infections - needed to launch attacks of such severity - and the circumstances perpetuating it are the bigger problems.
This year, the annual Black Hat Europe conference decamps from Amsterdam to London. What's in store? Everything from mobile ransomware and quantum-resistant crypto to "ego markets" and how to turn Belkin IoT devices into launch pads for DDoS attacks.
In a sign that investigators are paying more attention to disrupting stresser/booter services, script-kiddie-friendly Hack Forums recently announced that it will be shutting down its related Server Stress Testing forum.