There are two elements of a ransomware attack - the infection and then the action that takes place on infected devices. And both elements are evolving, says Ben Johnson of Carbon Black. He shares insight on how to improve ransomware defenses.
Amidst finger-pointing over responsibility for the $81 million online theft from Bangladesh Bank, SWIFT has issued its first-ever information security guidance to banks, telling them that they're responsible for securing their own systems.
New rules set by the widely used malware database service VirusTotal will exclude security vendors for not sharing data. This move highlights ongoing tension in the multi-billion dollar anti-malware industry.
America's cyber infrastructure is under constant attack, and damage to it could have significant consequences. But the presidential candidates haven't had much to say about the issue. At ISMG's Fraud and Breach Prevention Summit, a panel of experts will address how the next president should tackle cybersecurity.
Restaurant chain Wendy's says fewer than 300 of its 5,500 locations were affected by a fall 2015 malware attack that infected a POS system not used at its other locations. The breach highlights why all franchisees under a corporate brand should use the same well-tested POS system, says Gartner's Avivah Litan.
Verizon's annual Data Breach Investigations Report has triggered an avalanche of criticism that researchers made critical errors when studying and reporting on the top 10 most frequently exploited software vulnerabilities.
Israel reportedly will extradite two suspects who were indicted in connection with cyberattacks that breached JPMorgan Chase and others. Cybersecurity experts say this is the latest example of how cross-border collaboration to bring cybercriminals to justice is improving.
Australian entrepreneur Craig Wright boasted that he was the secret bitcoin creator known only as "Satoshi Nakamoto." But his claim has been dismantled by security experts, leading one to call Wright "the world's first cryptographically provable con artist."
The emerging threats posed by cybercrime and evolving banking services, including mobile banking, will be among the focal points of a keynote address by the Information Security Forum's Steve Durbin at ISMG's Fraud & Breach Prevention Summit in Washington May 17-18.
The influence of President Obama's cybersecurity legacy on the next administration is among the topics to be discussed at ISMG's Fraud and Data Breach Summit in Washington May 17-18. Featured speakers include NIST's Ron Ross, DHS's Phyllis Schneck and Virginia Technology Secretary Karen Jackson.
Anonymous is threatening global banks with 30 days of distributed denial-of-service attack disruptions and temporarily disrupted the Bank of Greece website as a preview. Security experts say all banks should take the DDoS threat seriously.
Russian email service Mail.Ru says its users' credentials contained in data leaked to Hold Security are 99.982 percent invalid, leading it to slam the security firm for stoking "media hype." But Hold Security's CISO contends the leak contains valid email addresses that could be used for phishing and spam.
A security firm claims to have obtained from a young Russian hacker a data set that includes 272 million unique credentials for Hotmail, Gmail and Yahoo email addresses, among others. But there's no reason to panic, security experts say.