When he was an FBI agent, Jay Kramer always preached the importance of having relationships with law enforcement in advance of experiencing a data breach. Now, as a private sector attorney, he can help clients form those relationships.
Lenovo will pay $3.5 million to the U.S. Federal Trade Commission and 32 states to settle a case brought against it over advertising software with serious security issues that was preinstalled on thousands of the company's laptops.
The head of the U.S. Securities and Exchange Commission says publicly traded businesses must better describe their cybersecurity risks to investors. Wall Street's top regulator also warned of a surge in initial coin offering scams - the same week that China banned ICOs altogether.
Cory Mazzola, a cybersecurity leader at Las Vegas Sands Corp., says recruiting security pros amid a talent shortage requires putting aside expectations about degrees and backgrounds. Instead, he says companies need to be willing to develop new skills in their new hires.
Security experts often contend that potential damage from cyberattacks can be avoided if organizations just patch their systems. But Bank of the West Deputy Chief Security Officer David Pollino says applying patches sometimes is more easily said than done.
How can CISOs put "attacker indicators" to use in developing security defenses in a timely way? Noam Jolles of Diskin Advanced Technologies explains the importance of this aspect of attribution.
At a time when fraud is attempted across multiple channels and customers still demand a frictionless digital experience, Kevin Donovan of Biocatch makes the case for organizations to embrace the tenets of continuous authentication.
Instagram is warning that more users were affected by a hack of its systems than it first suspected. While email addresses - and some phone numbers - for celebrities, including Emma Watson and Lady Gaga, appear to have been compromised, 6 million account holders in total may have been affected.
AT&T's U-verse routers and gateways contain a bevy of internet-of-things coding errors that could be easily exploited by hackers, a researcher contends. As many as 235,000 hosts could be vulnerable to attack.
This special edition of the ISMG Security Report features the observations of top cybersecurity experts featured at Information Security Media Group's recent Fraud and Breach Prevention Summit in New York.
PrincessLocker ransomware is back, although it's less demanding than it used to be, with attackers decreasing the quantity of bitcoins they require to unlock forcibly encrypted files. Unusually, the ransomware is being spread by the RIG exploit kit.
The U.S. federal government and many states haven't conducted forensic investigations into the election systems probed by hackers prior to the 2016 election. An investigation by the New York Times has found two more providers of election systems that were breached.
A massive Locky ransomware campaign has been infecting devices via malware-laced spam messages as well as through fake Dropbox phishing pages. More than 23 million Locky spam email have been seen in just one 24-hour period.
A federal judge has ruled that a consolidated class-action lawsuit filed by those affected by the Yahoo data breaches can proceed. The ruling means Yahoo's corporate parent, Verizon, will face a suit that could eventually lead a court to attempt to quantify the financial impact of leaked data.
