Latest

Data Loss

Instagram Bans Social Media Company After Data Exposure

Jeremy Kirk  •  May 24, 2019

Instagram has revoked the access of an Indian social media marketing company after personal details of some of its users ended up in an unprotected database online. Instagram says the number of affected users - first reported at 49 million - is inaccurate, and the exposed data from Instagram was already public.

►

Application Security

Security at the Speed of the Cloud

Tom Field  •  May 24, 2019

Migrating from on-premises data security to the cloud and then embedding security in the application development process are common challenges for enterprises. Dan Fitzgerald, a CISO at the consultancy McKinsey & Co., shares insights on how to make these transitions.

►

Video

Multilayered Security Gets Personal

Tom Field  •  May 24, 2019

When large-scale data breaches started to proliferate more than a decade ago, security leaders called for end-to-end data encryption. But that approach no longer suffices, says First Data's Tim Horton, who calls for a new multilayered defense.

Application Security

WannaCry Still Causing Tears 2 Years On

Nick Holland  •  May 24, 2019

The latest edition of the ISMG Security Report assesses the legacy of WannaCry ransomware two years on. Also featured: the evolving role of healthcare CISOs; threat mitigation recommendations based on the 2019 Verizon Data Breach Investigations Report.

Cybercrime

Assange Indicted in US Under Espionage Act

Scott Ferguson  •  May 23, 2019

A federal grand jury has indicted WikiLeaks founder Julian Assange on 18 counts under the U.S. Espionage Act for his role in publishing classified material, the Justice Department announced Thursday. He's currently serving a prison sentence in the U.K. and fighting extradition to the U.S.

Application Security

Google Stored Unhashed G Suite Passwords for Years

Scott Ferguson  •  May 22, 2019

Google is notifying administrators and users of its business-oriented G Suite product that the company had been storing unhashed passwords for years because of a flaw in the platform. The company believes no customer data was leaked and that all passwords remained encrypted.

►

Anti-Money Laundering (AML)

Whistleblower Everett Stern: 'Do the Right Thing'

Tom Field  •  May 20, 2019

It's been nearly seven years since HSBC was fined $1.9 billion by U.S. authorities for money laundering violations involving international drug cartels. But Everett Stern, the former employee who blew the whistle on the bank, continues to tell his story because he believes similar criminal activity is ongoing.

Cyberwarfare / Nation-state attacks

DHS Reportedly Warns of Chinese-Made Drones Stealing Data

Scott Ferguson  •  May 20, 2019

The Department of Homeland Security is warning that Chinese-made drones could be sending sensitive data back to their manufacturers, where it can be accessed by the government, according to news reports.

Governance

Cybersecurity's Week From Hell

Mathew J. Schwartz  •  May 20, 2019

Multiple flaws - all serious, exploitable and some already being actively exploited - came to light last week. Big names - including Cisco, Facebook, Intel and Microsoft - build the software and hardware at risk. And fixes for some of the flaws are not yet available. Is this cybersecurity's new normal?

Governance

Researchers: Aircraft Landing Systems Vulnerable

Jeremy Kirk  •  May 17, 2019

The majority of aircraft accidents occur during landing. And during bad weather or low-visibility, pilots are trained to entirely trust their instruments. But researchers say they can spoof wireless signals to a critical landing system, which could cause planes to miss runways.

Governance

WhatsApp's Spyware Problem

Nick Holland  •  May 17, 2019

The latest edition of the ISMG Security Report digs into the WhatsApp flaw that paved the way for spyware installation. Also: Microsoft patches old operating systems and a 'virtual CISO' sizes up security challenges.

Breach Preparedness

Trump Signs Executive Order That Could Ban Huawei

Jeremy Kirk  •  May 16, 2019

U.S. President Donald Trump on Wednesday signed a long-expected executive order that bans the purchase of telecommunication equipment from nations deemed to pose a spying risk. Also, Huawei was banned by the Commerce Department from buying U.S. components without obtaining a license first.