This week's ISMG Security Report takes a close look at whether an iPhone hacking campaign may be linked to Android spying campaigns by China. Plus: Do ransomware gangs target organizations that have cyber insurance?
With widespread use of Active Directory across industries and organizations of all sizes, it is frequently a target for bad actors who can use a cracking dictionary or exposed credentials to gain unauthorized access to an employee's account.
The mayor of New Bedford, Massachusetts, took the unusual step this week of holding a press conference to describe a recent ransomware attack and explain why the city decided not to pay the $5.3 million ransom that was demanded.
As a fraud management leader, are you aware that social engineering is a widespread and increasingly common tactic used to takeover customer accounts? Learn more about why social engineering is one of the most dangerous and difficult to stop online crimes.
Representatives from the U.S. intelligence establishment met with security officials of major social media and technology firms this week to help craft the nation's approach to securing the 2020 elections, including facilitating better information sharing and coordination.
Facebook has confirmed that unprotected databases containing more than 419 million users' phone numbers contained data scraped from the social network. TechCrunch, which first reported on the development, says many of the exposed phone numbers can be tied to Facebook IDs and remain accurate.
A widely used brand of GPS location-tracking devices - for keeping tabs on children, elderly relatives and pets - have security flaws that could allow anyone with an internet connection to track the devices' real-time location and historical movements, warns security firm Avast.
Cyber defense is no longer about staying a step ahead - it's about trying to remain no further than a step behind the adversaries, says Moshe Ishai of HolistiCyber, who shares insights on how to regain an advantage.
At Citi nearly 25 years ago, Steve Katz was named the world's first CISO. Today he remains active in the field and has a unique perspective on how the CISO role has evolved - and what it will take to be a cybersecurity leader in the future.
In just a few years' time, deception technology has matured to become a critical - and recommended - element of fundamental cybersecurity defense. Tony Cole, CTO of Attivo Networks, discusses critical success factors for deploying deception.
How do organizations know if their app and network security is sufficient to protect them from data breaches - or if their defenses are even working? Paul Dant of Arxan talks about the evolution of mobile/web app security.
The cloud, artificial intelligence and security as a service - these are the three critical conversations that security leaders need to be having with their business counterparts, says Oscar Chavez-Arietta, vice president, Latin America, at Sophos.
In the wake of the HSBC money-laundering scandal, whistleblower Everett Stern founded the intelligence firm Tactical Rabbit. He explains the firm's mission and how the HSBC experience continues to drive him forward.
ISMG and Cybereason visited Dallas on their "Indicators of Behavior" roundtable dinner tour. And Cybereason CSO Sam Curry says the discussion validated the notion that it's time to reimagine incident detection and response.