Advanced attacks are out, while persistent, relatively simple attacks are in. Despite all of the APT hype in recent years, cybercriminals, and especially nation-state attackers, prefer to keep things simple. Information security experts explain why.
Credit card and other personal information was exposed in a data breach of Internet hosting provider Staminus Communications, which specializes in protection against distributed denial-of-service attacks. The company hosts the website of the Ku Klux Klan white supremacist group, which was also brought down.
The FBI calls ransomware "a prevalent, increasing threat." One recent campaign earned at least $325 million in global profits, while U.S. victims tell the FBI they paid $24 million in ransoms in 2015. And attackers are plowing profits back into improving their malicious code.
In a filing rebutting Apple's appeal of a court order requiring the company to help the FBI unlock the iPhone used by a shooter in the San Bernardino massacre, the Justice Department says Apple's rhetoric is "false" and "corrosive" to the institution that safeguards Americans' liberties and rights.
Email security is a growing worry, despite the fact that phishing attacks and spam have been around for decades, says Vidur Apparao, CTO of Agari. In this video interview, he explains why DMARC is gaining ground as a viable way to shore up email defenses.
We all realize that the black hats are typically a step ahead of the white hats. But do we accept that our own security controls are contributing to the deficit? Sam Curry of Arbor Networks describes how security leaders can regain their lead in this video interview.
Hank Thomas and Ann Barron-DiCamillo are long-time security practitioners who have now chosen to put their minds where the money is, as principals in the new venture capital firm Strategic Cyber Ventures. What types of companies are they looking to fund? Find out in this video interview.
In a new, global enterprise security study, only 14 percent of respondents are "extremely confident" in their enterprises' ability to defend against top threats. What are the areas that erode their confidence? Christopher Kloes of Unisys offers analysis in this video interview.
The volume and complexity of online attacks continue to increase, which creates a challenge for information security managers, says Darrell Burkey, director of product management for Check Point Software Technologies, in this video interview.
Hackers stole $100 million from the Bangladesh Bank after apparently obtaining payment-transfer codes and moving the money overseas in what experts say appears to be one of the largest bank heists in history.
Because of growing cybersecurity concerns, CISOs in the financial sector finally are getting more time with their boards of directors and more direct interaction with senior executives, says John Carlson, chief of staff at the Financial Services Information Sharing and Analysis Center.
Automated threat intelligence sharing can significantly reduce the amount of time it takes organizations to identify, assess and react to attacks, according to new research from Johns Hopkins. Mark Clancy, CEO of Soltra, says automated information sharing with government and other sectors is catching on.
The nonstop pace of "Apple vs. FBI" updates and related crypto debates seemed to exceed both the U.S. government's and the information security industry's advanced persistent spin-cycles at this year's RSA Conference.
Blockchain technology used by bitcoin and other cryptocurrencies offers opportunities for enhanced authentication and ID management, as well as cross-border money remittances, says Ben Knieff of the consultancy Aite. But he contends it's not clear that the technology could play a role in faster payments.
Spear phishing, well-crafted socially engineered wire-transfer schemes and mobile-app overlay attacks will continue to escalate, which is why anti-phishing education is becoming increasingly critical, Dave Jevans of the Anti-Phishing Working Group says in this video interview.