Effective incident response requires fine coordination between technical and human resources, says Mike Fowler, vice president of professional services at DF Labs.
Hackers that U.S. officials believe are linked to Russia have upped their activity against energy providers in the U.S., Turkey and Switzerland. The group has likely developed the expertise to shut down systems, security company Symantec warned Wednesday.
Two Russian hackers, members of a group called "Shaltay-Boltai" - Humpty Dumpty in Russian - that stole and sold high-level Russian officials' emails, have been sentenced to serve three years in prison. The case against them may tie to a high-profile Russian treason investigation.
When he was an FBI agent, Jay Kramer always preached the importance of having relationships with law enforcement in advance of experiencing a data breach. Now, as a private sector attorney, he can help clients form those relationships.
Security experts often contend that potential damage from cyberattacks can be avoided if organizations just patch their systems. But Bank of the West Deputy Chief Security Officer David Pollino says applying patches sometimes is more easily said than done.
How can CISOs put "attacker indicators" to use in developing security defenses in a timely way? Noam Jolles of Diskin Advanced Technologies explains the importance of this aspect of attribution.
Instagram is warning that more users were affected by a hack of its systems than it first suspected. While email addresses - and some phone numbers - for celebrities, including Emma Watson and Lady Gaga, appear to have been compromised, 6 million account holders in total may have been affected.
AT&T's U-verse routers and gateways contain a bevy of internet-of-things coding errors that could be easily exploited by hackers, a researcher contends. As many as 235,000 hosts could be vulnerable to attack.
This special edition of the ISMG Security Report features the observations of top cybersecurity experts featured at Information Security Media Group's recent Fraud and Breach Prevention Summit in New York.
The U.S. federal government and many states haven't conducted forensic investigations into the election systems probed by hackers prior to the 2016 election. An investigation by the New York Times has found two more providers of election systems that were breached.
A federal judge has ruled that a consolidated class-action lawsuit filed by those affected by the Yahoo data breaches can proceed. The ruling means Yahoo's corporate parent, Verizon, will face a suit that could eventually lead a court to attempt to quantify the financial impact of leaked data.
A report on advances in authentication to secure a cashless economy leads the latest edition of the ISMG Security Report. Also, we analyze the record-shattering Anthem data breach settlement.
Verizon has made a strong case for continual PCI DSS awareness with its new study of payment card data security. But like many vendors that conduct their own studies supporting their business cases, Verizon makes suspect logical stretches.
Password security guidance: Do block users from picking commonly used passwords. But to avoid a usability nightmare, don't block users from picking any password that's ever been seen in a data breach, security experts advise.
What was perhaps the largest-ever botnet composed of infected Android devices has been disabled. The Wirex botnet cleverly used legitimate looking traffic for DDoS attacks against web services.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.