After two years on the sidelines, watching what he calls the expansion of "cyber insurgency," Tom Kellermann declares himself "back on the field" as chief cybersecurity officer at Carbon Black. How have threats evolved, and what is his hands-on mission?
How effective are nation-backed trolls at influencing individuals via social media? An analysis of Russian trolls' accounts suggests they're designed for "causing havoc by pushing ideas, engaging other users or even taking both sides of controversial online discussions."
With the explosive growth of the internet of things, and the increasing threat posed by botnets that leverage IoT, more must be done to ensure IoT devices include security by design, says David Holmes, principal threat researcher at F5 Networks, who offers a strategy.
The White House, fearing China is spying on phone calls, has suggested that the U.S. government take a primary role in marshaling the development of secure 5G networks. But would nationalizing 5G networks make them more secure?
Coincheck, a Tokyo-based exchange, says it suffered a hack attack that led to the theft of $530 million worth of XEM cryptocurrency from its hot wallet. But the developers of XEM say they are tagging all accounts that receive the stolen funds to stop it from being converted to cash.
How bad does a third-party fix have to be for Microsoft to issue a rare, weekend update that helps IT administrators disable it? A security update from Microsoft allows users to disable a faulty Intel firmware update that can lead to frequent rebooting as well as lost or corrupted data.
Many Malwarebytes users had a busy weekend after a software update led their Windows systems to experience "out of memory" errors, loss of internet access and, in some cases, crashing. The security firm has apologized and issued detailed instructions for reversing the problems and installing its fix.
U.S. Secret Service alert: For the first time, malware-using fraudsters have been draining U.S. ATMs of their cash via what's known as a jackpotting or cash-out attack. Two older models of ATMs made by Diebold Nixdorf appear to have been targeted.
How much does it cost to buy cybercrime-enabling products or services? Just $5 and up, security researchers say. Law enforcement agencies warn that small-time players as well as "serious and organized" crime rings are using cybercrime as a service to make illicit profits.
Leading the latest edition of the ISMG Security Report: Ransomware crypto-locks customer data stored by a cloud-based service provider. Also, there's a move afoot to use blockchain technology to better protect people's personally identifiable information.
After spiking in 2017, the volume of attacks involving ransomware has since declined, but the malware still remains a potent threat. For attackers, ransomware barriers to entry are lower than ever, thanks to highly automated ransomware-as-a-service offerings.
The web may be largely funded thanks to online advertising, but the threat posted by malicious advertisements continues to escalate. Indeed, the latest malvertising scheme, uncovered by security firm Confiant, served 1 billion malicious advertisements.
Technology giants are still struggling to identify what's at risk from the Spectre and Meltdown flaws in modern CPUs, never mind getting working security updates into users' hands. In the meantime, expect a rush by researchers to find more flaws in microprocessor code.
The usual advice for major security flaws is to patch as quickly as possible. Now Intel is calling for a full stop due to imperfect patches for a trio of chip security vulnerabilities known as Meltdown and Spectre.
In separate cases, two hackers have either pleaded guilty or been sentenced to serve jail time in part for launching or facilitating DDoS attacks. One defendant, John Kelsey Gammell, was unmasked after taunting a former employer over the "ongoing IT issues" his DDoS attacks were causing.