Feds Indict Russian Over BTC-e Bitcoin Exchange

Mathew J. Schwartz • July 27, 2017

Police in Greece arrested Russian national Alexander Vinnik, who was indicted by a U.S. federal grand jury for allegedly running the BTC-e bitcoin exchange and helping to launder $4 billion in cryptocurrency tied to criminal enterprises, including the hack of the Mt. Gox bitcoin exchange.

Anti-Malware

Hole in the Cloud Service Bucket: Dow Jones Data Exposed

Latest

Cybersecurity

Business-Driven Security: Protect What Matters Most

Tom Field • July 26, 2017

By 2020, organizations will be spending $100 billion annually on cybersecurity products and services. But are they securing the assets that matter most to their enterprises? RSA's Peter Beardmore discusses the emerging concept of business-driven security.

Anti-Malware

Mac 'Fruitfly' Infections More Numerous Than Believed

Jeremy Kirk • July 26, 2017

It has been a fairly slow year for Mac malware. But a former NSA researcher has dug into the first Mac malware sample that was detected earlier this year - dubbed "Fruitfly" - and found at least 400 computers, and possibly more, infected with a variant of the malware.

Anti-Malware

20 Hot Sessions: Black Hat 2017

Mathew J. Schwartz • July 25, 2017

Security comes to Las Vegas this week in the form of Black Hat USA 2017. Hot sessions range from an analysis of power grid malware and "cyber fear as a service" to details of two major hacker takedowns and how the world's two largest ransomware families cash out their attacks.

Breach Notification

Sweden Grapples with Sensitive Data Leak Scandal

Jeremy Kirk • July 24, 2017

Sweden is grappling with the fallout from a data breach that occurred two years ago and the scope of which has only recently trickled out. It resulted in the prosecution of the former head of the Transport Agency and deep questions over an outsourcing arrangement with IBM.

Business Continuity/Disaster Recovery

Nuance the Latest NotPetya Victim to Report Financial Impact

Marianne Kolbasuk McGee • July 21, 2017

Medical transcription software vendor Nuance is the latest company to acknowledge that it's still struggling to recover from the recent global NotPetya ransomware attacks and will see a dip in its financial performance as a result.

Vendor Management

Getting Value From Managed Security Services Providers

Jeremy Kirk • July 21, 2017

Organizations rely on a variety of outside firms to deliver security services. But how can they get the most value? Catherine Buhler, CISO of BlueScope Steel, shares how she challenges managed security services providers.

Cybersecurity

Police Seize World's Two Largest Darknet Marketplaces

Mathew J. Schwartz • July 20, 2017

The FBI and Europol announced that they've jointly shuttered the world's two biggest darknet marketplaces, AlphaBay and Hansa, which were responsible for more than 10 times the volume of sales as the notorious Silk Road marketplace.

Endpoint Security

IoT in the Enterprise: The Next Big Thing

Tom Field • July 20, 2017

Millions of connected devices already have been potentially compromised - inside and outside of the enterprise. Phil Marshall of Tolaga Research is concerned about when and how attackers will take advantage of these in the next big IoT strike.

Cybersecurity

FBI Blames Iranian Hackers for Stealing US Missile Tech

Mathew J. Schwartz • July 20, 2017

Two Iranian nationals remain at large after being charged by the U.S. Department of Justice with hacking into a Vermont-based engineering firm and stealing software used to develop projectiles, ranging from bullets to GPS-guided artillery shells and missiles.

Data Breach

Ricoh Australia Scrambles to Fix Document Leak

Jeremy Kirk • July 20, 2017

Ricoh's Australia office has notified banks, government agencies, universities and many large businesses about a curious data breach that, in some cases, exposed login credentials for its multifunction devices.

Endpoint Security

IoT Security Cameras Have a Major Security Flaw

Jeremy Kirk • July 19, 2017

An investigation into a single IP security camera has unfolded into yet another worrying finding in the land of the internet of things. Millions of IoT devices may have a remotely executable buffer overflow in an open-source code component, according to cybersecurity company Senrio.

Cybersecurity

State Department Official Who Backs Russian Cyber Engagement Leaving

Eric Chabrow • July 19, 2017

Christopher Painter, who has advocated for diplomatic engagement with cyber friends and foes alike, is leaving his post as coordinator of cyber issues at the State Department, a job he has held since early 2011.