U.S. President Donald Trump signed a presidential order on Wednesday that revokes a set of Obama-era guidelines for offensive cyber operations, The Wall Street Journal reports. The policy change may satisfy critics who contend the U.S. should be able to move faster, but it raises risks of escalating cyber conflict.
While IT and OT integration has brought about new levels of operational efficiency, it has also introduced serious cyber risks that conventional IT security approaches might fail to address, says IBM Security's Paul Garvey.
Leading the latest edition of the ISMG Security Report: Chris Morales of the cybersecurity firm Vectra discusses how the industrial internet of things is changing the nature of industrial espionage and disruption.
A cryptocurrency investor is suing AT&T for $240 million, alleging he lost $24 million in virtual currency after the carrier failed to stop two separate attacks where his phone number was commandeered by attackers. The incident highlights the dangers of using a phone number as an authentication channel.
The Meltdown and Spectre attacks from earlier this year showed how the quest to make CPUs run faster inadvertently introduced serious security vulnerabilities. Now, researchers have unveiled a new attack called Foreshadow that builds on those findings, affecting millions of Intel processors made over the past five...
Although cybersecurity plans sometimes clash with business goals, the role of security should be to enable the business and not necessarily lock everything down, says Andrew Woodward of Australia's Edith Cowan University.
There's a rush to cloud services, and that can offer security benefits. But it can be difficult to keep track of data and classify it in the cloud, says Neil Campbell of Telstra, a telecommunications company.
The FBI warns that cybercriminals are planning a large-scale operation aimed at emptying ATMs, a type of attack that has caused swift and costly losses for financial institutions. The attack may utilize data from a breach of an unknown card issuer, the FBI says.
Cybercriminals in Brazil have capitalized on older vulnerabilities in D-Link routers for financially motivated phishing attacks. The attackers changed DNS settings to use their own malicious DNS server, allowing for seamless shifts to phishing sites.
Ransomware. Phishing. Credential stuffing. These are among the top threats to financial institutions of all sizes. But small-to-midsized ones are particularly challenged to detect and respond to threats. Arctic Wolf's Todd Thiemann discusses the value of managed detection and response.
An analysis of the privacy issues Amazon will face as it dives deeper into the healthcare business leads the latest edition of the ISMG Security Report. Also featured: A preview of ISMG's Security Summit in New York Aug. 14-15.