Federal government agencies experienced 12 percent fewer cyber incidents in 2018, when there were no "major" data breaches, according to a new White House report. But the report notes there's still plenty of risk mitigation work to be done.
Researchers at the security firm Doctor Web have uncovered a fake website for a VPN provider that's designed to spread a Trojan that can steal credentials to bank accounts.
Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too. In Texas, officials say a campaign tied to a "single threat actor" infected 22 local government agencies on Friday.
Progressive companies seeking to improve their security are increasingly adopting bug bounty programs. The theory is that rewarding outside researchers improves security outcomes. But in practice, bug bounty programs can be messy and actually create perverse incentives, says bug-hunting expert Katie Moussouris.
Facebook and Twitter have suspended a number of accounts and pages that they have tied to information operations being run by the Chinese government. Disinformation has targeted pro-democracy demonstrators in Hong Kong - likening them to cockroaches - while dismissing anti-Beijing sentiment as "fake news."
The World Economic Forum recently identified "cyberattacks and data integrity concerns crippling large parts of the internet" as one of the top 10 global risks. Jaime Chanaga of NTT talks about the significance of that announcement and the concerns global security leaders face headed into 2020.
The FBI has arrested a Nigerian businessman for allegedly carrying out an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar.
To better prepare for cyberthreats posed by Russia and China, the U.S. Army has been building cyber and electronic warfare units. But a new report from the Government Accountability Office finds that these units are understaffed, underequipped and in need of better training.
State officials in Texas say that at least 23 local government entities have fallen victim to a coordinated ransomware attack unleashed on Friday morning. Security experts say attackers continue to pummel local governments, and illicit profits have been rising.
To explore how credential stuffing attacks and brute force attacks differ, we need to understand what they are and how they operate. Here is a quick summary.
Why is fraud that originates on mobile devices growing at such a rapid rate? Brooke Snelling and Melissa Gaddis of iovation offer an analysis in this joint interview.
The European Central Bank has closed one of its websites after its IT staff found that a hacker compromised some personal information on the site and also planted malware.
A newly identified phishing campaign used Google Drive to help bypass some email security features as attackers attempted to target a company in the energy industry, security firm Cofense reported this week.
An A-list of cyber experts, including former Homeland Security Secretary Jeh Johnson, has put its weight behind U.S. CyberDome, a nonpartisan initiative to protect presidential campaigns against foreign influence. Matthew Barrett, a former NIST leader and co-founder of CyberDome, outlines how this group is gearing up.
This edition of the ISMG Security Report discusses the latest improvements in deception technology and how best to apply it. Also featured: a report on the growth of mobile fraud, plus insights on Merck's experience recovering from a NotPetya attack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.