Given the rapid spread of malware and difficulties with detection, what actions should organizations take? In this interview, Chris Novak of Verizon and Stephen Orfei of the PCI Security Standards Council offer insights.
Don't leap to conclusions on the basis of a new report that suggests Yahoo is preparing to warn the world that it was hacked and lost hundreds of millions of users' account credentials. Someone may simply have harvested passwords reused on other sites.
FBI Director James Comey, Facebook CEO Mark Zuckerberg and security expert Mikko Hypponen all advocate covering up your webcam as a cheap and no-brainer defense against everything from unscrupulous competitors to sextortionists.
To help financial institutions better spot attempted fraud, the SWIFT interbank messaging network plans to begin offering voluntary "daily validation reports" to customers to flag unexpected senders, recipients or payments as well as unusually large payments.
Ransomware attacks are surging because attackers have perfected their techniques while enterprises in all sectors have failed to address critical security shortcomings, says Raimund Genes, CTO at Trend Micro.
A developer warns that Dropbox gains wide-ranging access to Apple's OS X operating system using a SQL trick that some equate to hacking users' systems. Here's why giving a desktop app unusual access to Apple's privacy settings poses a security risk.
Have you been the target or victim of ransomware-wielding attackers? The FBI wants individuals and businesses to report ransomware attacks to help it better pursue, disrupt and potentially arrest suspects.
A roundup of the just-concluded ISMG Fraud and Breach Prevention in Toronto leads the latest edition of the ISMG Security Report. Also, how one CISO gets his security message across to the board and the challenges CISOs face during their first 100 days on the job.
The handling of a recent data breach - the details of which are still unfolding - by Oakland, Calif.-based web services company Regpack provides a look into how the discovery and disclosure of a breach can turn into a real train wreck.
Microsoft has released a slew of security fixes to patch critical vulnerabilities, including in its IE and Edge browsers. One zero-day flaw, fixed via a Microsoft Office patch, has been exploited in the wild for more than two years.
Fancy Bear strikes again: the suspected Russian hacking group released confidential medical records for four U.S. Olympic athletes, falsely contending the documents prove illegal drug use by the Olympians.
The cybercrime sector involves a rapidly growing services economy that provides everything from bulletproof hosting and stresser/booter DDoS on demand, to ransomware-as-a-service and sites that offer to launder bitcoins via a process known as tumbling.