EDR (endpoint response and detection) products are powerful tools that provide a play-by-play of exactly what happened on a computer during and after an attack. But the products require the right expertise to get the most value, a Gartner analyst says.
Canadian Karim Baratov will be extradited to the United States after waiving his right to an extradition hearing. He's accused of being a "hacker for hire" for the Russian intelligence agents who allegedly perpetrated the 2014 Yahoo hack that resulted in 500 million user accounts being exposed.
The latest ISMG Security Report leads with information security guru Ron Ross discussing changes coming to the National Institute of Standards and Technology's catalog of IT security and privacy controls. Also, challenges facing an upgraded U.S. Cyber Command.
Beyond the emotion, the arrest of security researcher Marcus Hutchins last month on charges that he developed and sold banking malware has thrust information security researchers into the legal limelight and highlighted just how much law enforcement agencies rely on them.
As threats and threat actors multiply and evolve, digital attribution becomes ever more critical, says Gartner's Avivah Litan. She discusses how to approach attribution and also offers her take on the technologies that could help secure U.S. elections.
Carbon Black rolled with the punches last week after it was accused of exposing customer data via a bug in one of its endpoint detection products. It turned out there was no bug. But the company has gone back and uncovered a bug that did expose customer data, albeit on a small scale.
A report claims British intelligence agency GCHQ knew in advance that the FBI planned to arrest WannaCry "hero" Marcus Hutchins when he visited the United States for the annual Black Hat and Def Con conferences last month. The information security community asks: Is that justice?
At ISMG's recent New York Fraud & Breach Prevention Summit, attendees interacted with technology solution providers and other thought leaders, gaining practical insights on solving real-world problems.
Hackers have been targeting the Scottish Parliament in a "brute force cyberattack" aimed at guessing users' email passwords. Security experts say it's unlikely that state-backed attackers would resort to such a blunt assault.
Philips plans to fix alarming vulnerabilities in a web-based application used to track patient radiation exposure. Versions of the DoseWise Portal mistakenly shipped with errors, including hard-coded credentials for a database and lack of encryption for patient data.
The latest edition of the ISMG Security Report leads with a closer look at a new exploit kit and whether it represents a resurgence in these types of criminal packages. Also featured: a discussion of new vehicle security concerns and communications advice for CISOs.
Locky is back. After falling off the radar last year, the ransomware is once again being distributed via massive spam campaigns - run by the Necurs botnet - in the form of two new variants named Diablo and Lukitus.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.