Legislation to tighten insider threat defenses at the U.S. Department of Homeland Security has passed the House of Representatives and goes to the Senate, which failed to consider a similar measure that passed the House in the last Congress.
FS-ISAC is collaborating with the Monetary Authority of Singapore to establish the Asia Pacific Regional Intelligence and Analysis Center to encourage regional sharing and analysis of cybersecurity information within the financial services sector. Security experts weigh in on the value of the initiative.
Facebook is aiming to make account recovery and password resets more secure with a new, updated approach that eliminates outdated weaknesses such as emailed reset links, SMS messages and security questions.
It's tax time, and that means fraudsters are once again using phishing and deception to trick those who have access to staff member's W-2 tax forms into turning them over. Experts offer advice on steps to take to minimize the risk of your organization falling victim.
This edition of the ISMG Security Report leads with news that several senior White House staffers had been using a private email server. Also, fueled by worries over Russian hacking, the Australian government plans to educate political parties on improving cybersecurity.
Four years after a messy legal battle sparked by Edward Snowden using its service, the secure email provider Lavabit is back with a new platform designed to provide better privacy protection - users can select from "trustful," "cautious" or "paranoid" modes - by encrypting both email content and metadata.
Say hello to Fruitfly, the first piece of Mac malware to be discovered this year. The two-year-old malicious code is odd - it includes code that dates from the late 1990s - and appears to be designed to exploit biomedical institutions via targeted attacks.
The number of people employed in the U.S. as information security analysts rocketed by 27 percent in 2016; it's more than doubled since 2011, when the Department of Labor's Bureau of Labor Statistics began to track that occupation category.
Companies involved in mergers and acquisitions are increasingly targeted with cyberattacks that could potentially derail the deals, says Bryce Boland of FireEye, who outlines the risks and offers tips for mitigating them.
A researcher claims WhatsApp has dismissed his finding that there's a backdoor in the application that could allow attackers to unlock encrypted messages. But the controversy is more nuanced - and for most of us, much less threatening - than it might first appear.
Because cyberattackers are now using memory-resident malware that leave no trace on the disk, forensics experts using traditional methods will face a challenge, says Christopher Novak, director of Verizon's global investigative response unit.
Hackers have apparently hijacked potentially thousands of vulnerable MongoDB databases and demanded ransoms for the return of critical data, with some victims paying up, according to security researchers.
Localized skimming attacks, whether waged against ATMs or self-service gas pumps, continue to wreak havoc on banks and credit unions. And we're likely to see an uptick in 2017 as fraudsters ramp up their efforts to cash in.
Because cyber threats are becoming increasingly sophisticated, bolstering employee and customer awareness and training about ransomware, phishing and other cyber risks must be a top priority in 2017, says Curt Kwak, CIO of Proliance Surgeons.
As cybercriminals continue to wage more sophisticated, well-funded attacks, it's more urgent than ever to attract qualified professionals to careers in cybersecurity, Symantec CTO Dr. Hugh Thompson says in this audio interview.