When she first joined the Los Angeles County district attorney's office, Maria Ramirez prosecuted street gangs. Now she's cracking down on cyber gangs and is opening her case file to share lessons learned from cases involving business email compromise and ransomware.
An increase in unemployment isn't always a bad sign. It could reflect that more people are entering the workforce and looking for work, but have yet to land jobs. Could that be happening with IT security practitioners?
The recent fix for a zero-day flaw in Microsoft Office appeared more than five months after Microsoft was privately alerted to the flaw, and followed months of it being exploited via in-the-wild attacks. Can Microsoft do better?
When it comes to vulnerability management, many organizations opt to protect only their most critical security gaps - but, meanwhile, the criminals exploit the secondary vulnerabilities. Kevin Flynn of Skybox Security explains why context is everything in managing vulnerabilities.
Mayra Koury wears a lot of hats at $2 billion Tech Credit Union in San Jose. One of them is fraud investigator. Hear how she single-handedly staked out the institution's ATMs and helped law enforcement catch a skimming fraudster in action.
Many media outlets have suggested that the recent arrest of a Russian computer programmer ties to the 2016 U.S. presidential election meddling blamed on Russia. But the only source for this supposed connection traces to a Russian propaganda arm that's been blamed for participating in said meddling.
Forty targets in 16 countries were attacked using advanced attack tools and techniques that match the capabilities documented via the "Vault 7" stash of alleged CIA network exploitation documents released by WikiLeaks, Symantec says.
A look at how top security vendors share cyberthreat intelligence leads the latest edition of the ISMG Security Report. Also, states taking up legal efforts to assure the safety of medical devices and apps sold to consumers.
A zero-day flaw in Microsoft Office is being targeted via in-the-wild attacks, security firms warn, including by the notorious Dridex botnet. While there is a workaround, Microsoft says it plans to issue a full fix this week as part of its regularly scheduled security updates.
Spanish police arrested Russian computer programmer Pyotr Levashov, apparently while he was vacationing with his family. Authorities say his arrest relates to alleged Kelihos spam botnet and pump-and-dump stock campaigns, not to Russia's alleged interference in the 2016 U.S. presidential election.
When it comes to the motivations driving Eastern European cybercriminals, "pseudo-anti-Americanism" is big, says Vitali Kremez, a researcher with intelligence firm Flashpoint who regularly infiltrates cybercrime forums.
A report outlining new ways to recruit and retain cybersecurity professionals in the U.S. federal government leads the latest edition of the ISMG Security Report. Also, the sector considered the most cybersecurity challenged, and the growing interest in virtual private networks.
Legislation to direct the National Institute of Standards and Technology to create a set of tools, best practices and guidance to help small businesses protect their digital assets is heading to the U.S. Senate.
A North Korean IP address has turned up in an investigation by Kaspersky Lab into attacks against banks' SWIFT systems. The finding is a strong indication that the Lazarus hacking group may be run by North Korea.