File-less malware is a huge security challenge for organizations today, and traditional email security controls aren't sufficient to meet the challenge. Burke Long of Lastline offers insight on a new way to approach email security.
Leading the latest edition of the ISMG Security Report: Reports on the impact enforcement of the EU's General Data Protection Regulation, which began Friday, will have on the healthcare and banking sectors. Plus an assessment of GDPR compliance issues in Australia, which offer lessons to others worldwide.
Will federal regulators finally tackle long overdue rulemaking related to a HITECH Act provision calling for the Department of Health and Human Services to share money collected from HIPAA settlements and penalties with breach victims?
Researchers have discovered two new Spectre/Meltdown variants: variant 3a, a rogue system register read, and variant 4, a speculative store bypass. Some AMD, ARM, Intel and IBM Power chips have the flaws, which attackers could exploit to steal sensitive data. Some fixes have already been shipped.
Distributed deception technology does not provide a viable solution for defending ATM machines against attacks executed physically on the machines themselves. But it is arguably the most effective means of stopping the most damaging attacks - the ones executed against the larger ATM network or those enabled by...
The EU's General Data Protection Regulation, which will be enforced beginning May 25, has significant implications for how financial institutions worldwide handle customer data, says Brett King, CEO of Moven, an all-digital bank, who sizes up the challenges.
If you're paying attention, you've probably already seen a handful of GDPR-related headlines just today, let alone in the last week or month. But there are two good reasons for the deluge of GDPR discussion right now: It's incredibly important and the time to act is now.
Respiratory care provider Lincare Inc. has signed an $875,000 settlement of a class action lawsuit brought by current and former employees in the wake of a 2017 breach involving a business email compromise scam. The company was previously fined by federal regulators after another breach.
Leading the latest edition of the ISMG Security Report: Years of massive data breaches have fueled an increase in synthetic identity fraud, in which fraudsters combine real and bogus details to create more effective fake identities. Plus, has "The Dark Overlord" hacking group finally met its match?
Today's cyber landscape has become a matter of 'when' not 'if' a cyber breach will affect your organisation.
In this environment, running a successful organisation requires mature cyber incident response capabilities that lead to strong organisational defense and mitigation of harmful breaches. C-suite understanding...
In many instances, we learn that companies have an incident response plan that looks good on paper but not in practice. The plan cannot just live in a manual that sits on a shelf. It needs to be a strategy that everyone agrees to, can evolve over time, is rehearsed often and can be carried out immediately when the...
Organizations that use unpatched software face a race against the clock, with attackers regularly beginning to hammer new
vulnerabilities just hours after new fixes or security alerts get released to the public.
Download this whitepaper to learn more about:
Why patch management isn't a problem that can be...
The noose appears to be tightening around the Dark Overlord, a group of international hackers who have stolen and held for ransom sensitive information from dozens of companies, healthcare organizations and U.S. public schools. Serbian police say they've arrested a suspect in cooperation with the FBI and U.K....
There is a lot to say about the disorganized way most cyber incident claims are currently handled. Instead, adopting a project management approach will make better use of resources and lead to several benefits.
To this point, many incidents have traditionally been handled with a "lawyer-heavy" approach, but the...
A former CIA software engineer who is facing child pornography charges is a possible suspect in the largest-ever leak of classified information from the spy agency. While Joshua A. Schulte has not been charged with the leak, prosecutors have indicated they will soon indict him.