Deputy Attorney General Rod Rosenstein announces indictments in a July 13 press conference.

More Indictments in Russian Election Interference Probe

Howard Anderson • July 13, 2018

Twelve Russian intelligence officers have been indicted, as a result of Special Counsel Robert Mueller's ongoing investigation, for allegedly conspiring to interfere with the 2016 presidential election, including by hacking the Democratic National Committee.

Cyberwarfare / Nation-state attacks

Cryptocurrency's Skyrocketing Money Laundering Problem

Latest

Authentication

Australian Airport Identity Card Issuer Breached

Jeremy Kirk • July 13, 2018

An Australian company that issues identity cards for access to airports has been notifying applicants and cardholders that their personal information may have been compromised, according to a news report. Australian federal police are investigating.

Breach Response

Analysis: California's Groundbreaking Privacy Law

Nick Holland • July 13, 2018

The latest edition of the ISMG Security Report features a discussion of California's groundbreaking new privacy law as well as an update on the potential impact of the hacker group responsible for the Ticketmaster breach.

Cybercrime

Evolving Cyberattacks Against Banks

Nick Holland • July 11, 2018

A new kind of cyberattack that targeted financial institutions in Europe and Russia to steal nearly $100 million illustrates how threats are evolving, says Brian Hussey of Trustwave, who discusses mitigation steps.

Fraud

A Successful Strategy for Fighting Phishing

Nick Holland • July 11, 2018

The key to lowering the risk of employees becoming victims of phishing is to adopt an "adult learning" approach to training, says Brent Maher, CISO at Johnson Financial Group.

Fraud Management & Cybercrime

The Battle for Data Integrity

Tom Field • July 10, 2018

Stolen data is one thing - the consequences are obvious. But what if data is not stolen or leaked, but rather altered? What could be the damage? Diana Kelley of Microsoft discusses the emerging topic of data integrity and how to preserve it.

Governance

Bringing Vendor Risk Management to the Midmarket

Nick Holland • July 9, 2018

A new initiative by the Cyber Readiness Institute aims to promote best cybersecurity and vendor risk management practices to smaller enterprises. RiskRecon founder and CEO Kelly White offers his perspective on converting standards to practices.

Legislation

Why California's New Privacy Law Is a 'Whole New Ballgame'

Marianne Kolbasuk McGee • July 9, 2018

While California already had some of the strictest and most varied privacy laws in the country, the new California Consumer Privacy Act of 2018 "is a whole new ballgame," says privacy attorney Kirk Nahra, who explains why.

Breach Response

UK to Establish Court for Cybercrime in London

Jeremy Kirk • July 6, 2018

The U.K. has approved a plan to build a cutting-edge court complex in London designed to handle cybercrime, fraud and economic crime. The facility is expected to be a growth driver for the country's legal industry, despite the U.K.'s pending withdrawal from the European Union.

Breach Preparedness

Why Attackers Keep Winning at 'Patch or Perish'

Mathew J. Schwartz • July 5, 2018

Patch management problem: Organizations must identify and fix all new vulnerabilities in their software and hardware as quickly as possible. Unfortunately, on average, attackers keep exploiting flaws faster than they're being patched, says Tenable's Gavin Millard.

Data Loss

Data Classification for the Masses

Mathew J. Schwartz • July 5, 2018

In the age of GDPR, more organizations are looking to data classification - including more automated techniques for doing so - as a way to not only help them protect their crown jewels, but in the case of a breach quickly identify what went missing, says Digital Guardian's Tony Themelis.

General Data Protection Regulation (GDPR)

What Apps Are Peeking Into Your Gmail?

Jeremy Kirk • July 5, 2018

Google says it closely vets third-party party applications that peek into Gmail boxes. But an investigation by the Wall Street Journal raises questions if consumers are fully aware of the consequences of granting access to third-party apps and the practices of email-scanning companies.

Cybercrime as-a-service

Life After Webstresser Disruption: No DDoS Holiday

Mathew J. Schwartz • July 5, 2018

Police recently arrested the suspected administrators and top users of the stresser/booter service Webstresser.org. Unfortunately, the plethora of such services means the world is unlikely to see a reduction in DDoS attack volumes, says Darren Anstee of Arbor Networks.