In an in-depth interview, Ron Ross of the National Institute of Standards and Technology explains pending revisions of guidance on how organizations outside the U.S. government should protect sensitive federal data.
Malware researcher Ivan Kwiatkowski unleashed ransomware on tech-support scammers after his parents stumbled across a site warning they'd been infected by Zeus. Despite the feel-good factor, however, security experts advise against hacking back.
Unlike other malware, ransomware practically screams and shouts at victims, and that distinct behavior holds promise for helping to better detect and block ransomware infections, according to Northeastern University security researchers.
Russia, which some have blamed for attacks against the Democratic Party in the U.S., has offered a detailed description of coordinated cyberattacks against its scientific, public authority and military institutions. Is the announcement a tit-for-tat move after the charges of Russian involvement in U.S. hacks?
HHS will issue up $1.75 million in grants to give a boost to one organization that will take a lead role in cyber threat information sharing. A top priority of the ramped-up effort to help fight cyberattacks in the healthcare sector is to keep smaller organizations better informed of the latest risks.
The Federal Trade Commission has overturned a decision made last fall by its own administrative law judge to dismiss the longstanding data security enforcement case against the now-shuttered medical testing laboratory LabMD. Company CEO Michael Daugherty plans to appeal.
The Democratic Party platform calls for balancing privacy and security concerns, and vice presidential nominee Tim Kaine endorses the formation of a commission to advise Congress on developing digital security and encryption laws.
CEO fraud campaigns are becoming far more common. A recent attack against our company was deflected because of the alertness of a staff member who received a fraudulent wire transfer request, illustrating why well-informed employees truly are the best lines of defense against these schemes.
As the Pokémon Go craze continues to take off, it's clear that when it comes to chasing virtual creatures through real-world locations, too many people fail to keep some common sense guidelines in mind.
France's data protection watchdog has slammed Microsoft Windows 10 for collecting excessive amounts of personal data and failing to use strong security controls. Under the country's data protection laws, Microsoft may now face up to $1.7 million in fines.
As Pokémon Go launches in Japan, the government's cybersecurity organization has issued a nine-point safety guide reminding players to beware of real-world and cybersecurity hazards when playing the augmented reality game.
The increase in breaches is having a positive impact on IT security employment, as headlines about one cybersecurity incident after another serve as recruiting tools for skilled cyber defense workers. The IT and IT security workforce reached record levels this past quarter.
An analysis of the record of the U.K.'s new prime minister, Theresa May, on cybersecurity and online privacy and a report on efforts to create an antidote to ransomware highlight this edition of the ISMG Security Report.