With ransomware attacks surging, all organizations should ensure they have an enterprise backup and disaster recovery plan in place, and eliminate all unnecessary, outdated or disused applications and services running on endpoints and servers, says ESET's Mark James.
A short chat with the alleged seller of the LinkedIn and MySpace data begs more questions about how the services were compromised and if there are more large breaches to come.
In the event of a "Brexit" - British exit - from the European Union following this week's referendum, the U.K. would likely still have to comply with EU data protection laws, but also face cybercrime-related policing and prosecution challenges.
There is no such thing as "security by obscurity." Attackers can hack what they can't see. This means organizations must reimagine the fundamentals of API creation, says Jaime Ryan of CA Technologies.
In this edition of the ISMG Security Report, you'll hear our editors explore how hackers use Java script for ransomware, the latest digital currency security issue and privacy threats posed by virtual reality.
In recent months, Cloud Access Security Broker solutions have emerged as a defacto, mandatory control. Which is better approach to CASB - proxy or API? Rohit Gupta of Palerra shares his insight and recommendations.
A report that the Russian government hacked into Democratic National Committee systems has security experts warning that just because malware was found on a hacked network, that doesn't mean a specific individual, group or nation-state was involved.
After channeling horror films and holding control of smart TVs for ransom, the ransomware innovation du jour involves attackers crypto-locking files using JavaScript. But security experts say IT administrators can deploy some relatively easy defense measures.
A mass password reset by Citrix-owned GoToMyPC shows how online service providers are still grappling with the fallout from recent large data breaches.
Adobe Flash security alert redux: All enterprises should immediately update - or delete - all instances of Flash Player, following reports that a zero-day flaw in the Web browser plug-in is being targeted by the new "ScarCruft" APT group.
Preparing for data breaches - to detect them quickly, respond appropriately and ascertain exactly what happened - can help make the difference between a security incident having major or minor repercussions, says CrowdStrike CEO George Kurtz.
The FBI is warning U.S. businesses to beware of business email compromise scams focused not just on creating fraudulent wire transfers, but also stealing personally identifiable information. Experts, however, are criticizing the FBI's alert as being too little, too late.
A massive scan of open internet ports confirms long-held assumptions that old, insecure internet protocols never die, and in fact may still thrive, especially in Belgium, says Rapid 7 security research manager Tod Beardsley.
Apple is building "differential privacy" into iOS 10 to try and block attempts to identify or track individual users based on their behavior, keyword searches or other activities. But will the functionality perform as advertised?
Days after booting hackers from its network, the Democratic National Committee allowed incident-response firm Crowdstrike to publicly detail its findings. That's a rare - albeit welcome - move for other potential targets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
