Too often when organizations get shaken down by online criminals, they panic, and in the process make the predicament they're facing even worse, warns digital forensic investigator Ondrej Krehel in this video interview.
Ashley Madison, the extramarital online hookup service breached by attackers in 2015, has agreed to bolster its information security and data retention practices after regulators in Australia and Canada ruled that the site violated local privacy laws.
Many organizations take months or years to discover they've been victimized by breaches because they lack experienced cybersecurity personnel, says employment researcher David Foote. The "maturing of the workforce" will take considerable time, he says in an interview.
In this video interview, Global Cyber Alliance CEO Phil Reitinger explains how the vastness and complexity of the internet creates cyber vulnerabilities, but one day those same characteristics, if used properly, could mitigate cyber threats.
Epic Games is warning of another data breach - its second in 13 months - involving several of its forums and affecting about 808,000 accounts. Attackers appear to have exploited a SQL vulnerability in Epic's vBulletin forum software.
The Equation Group tools released by the Shadow Brokers have revealed that the U.S. National Security Agency has been able to decrypt any traffic sent using a Cisco PIX device. While Cisco no longer supports the devices, more than 15,000 remain in use.
Eighty percent of the Android ecosystem - an estimated 1.4 billion devices - is vulnerable to an attack affecting TCP. While the flaw has been patched in Linux, Android remains vulnerable, although Google is aware of the issue.
A Reuters report claiming executives at SWIFT for years neglected the security of its messaging system has stirred debate among security and anti-fraud experts. Who should take the lead role for security of bank-to-bank transactions - SWIFT or its member banks?
Security spending - as a percentage of IT budgets - in recent years has been getting out of hand, says Chris Richter of Level 3 Communications, who offers suggestions for how to better keep costs under control.
Agari's John Wilson doesn't just fight email fraud schemes - he also is the occasional target. What have the fraudsters inadvertently taught him about their latest tactics? And how can these lessons help organizations to improve their defenses? Find out in this video interview.
USB devices and ports pose serious risks, and they aren't going away anytime soon. But researchers say they've developed a way to block malicious actions by USB devices to help prevent attacks such as "BadUSB."