InfoWars: Magecart Infection Points to 'Industrial Sabotage'

Jeremy Kirk • November 15, 2018

InfoWars' website was briefly affected by the Magecart payment card skimming malware, a finding that triggered a fiery response from the far right commentary site. But InfoWars is just one in a long line of victims of the malware.

Breach Response

HSBC Bank Alerts US Customers to Data Breach

Latest

3rd Party Risk Management

China's Hack Attacks: An Economic Espionage Campaign

Nick Holland • November 16, 2018

An analysis of China's surging hack attacks as part of an economic espionage campaign leads the latest edition of the ISMG Security Report. Also: Choosing the right MSSP, plus an analysis of the recent hijacking of Google traffic.

Cybercrime as-a-service

GandCrab Ransomware: Cat-and-Mouse Game Continues

Mathew J. Schwartz • November 16, 2018

A new, free decryptor has been released for "aggressive" crypto-locking ransomware called GandCrab. Researchers say GandCrab has come to dominate the ransomware-as-a-service market, earning its development team an estimated $120,000 per month.

Data Breach

The Privacy Penalty for Voting in America

Jeremy Kirk • November 16, 2018

Voting in the United States carries a huge privacy cost: states give away or sell voters' personal information to anyone who wants it. In this era of content micro-targeting, rampant misinformation and identity theft schemes, this trade in voters' personal data is both dangerous and irresponsible.

Cybercrime

Romanian Hacker 'Guccifer' Extradited to US

Mathew J. Schwartz • November 15, 2018

The notorious Romanian hacker known as Guccifer, who revealed the existence of Hillary Clinton's private email server and admitted to hacking numerous email and social media accounts, has been extradited from Romania to begin serving his 52-month U.S. prison sentence.

Critical Infrastructure Security

Congress Approves New DHS Cybersecurity Agency

Howard Anderson • November 14, 2018

The United States will soon officially have a single agency that takes the lead role for cybersecurity. Congress has passed legislation to establish the Cybersecurity and Infrastructure Security Agency within the Department of Homeland Security. The measure awaits President Trump's signature.

Data Breach

Nordstrom Blames Breach of Employee Data on Contractor

Jeremy Kirk • November 14, 2018

The department store chain Nordstrom says it doesn't believe that employees' personal data, which was exposed in an October data breach due to a contractor's error, has been misused. The retailer says the breach exposed no customer data.

Anti-Fraud

Using Unsupervised Machine Learning: The Challenges

Varun Haran • November 14, 2018

While unsupervised machine learning techniques get away from the data labeling and classification that most supervised systems require, they are dependent on the quality and variety of the data provided, says Gartner's Jonathan Care.

Next-Generation Technologies & Secure Development

Threat Intelligence: Less Is More

Mathew J. Schwartz • November 13, 2018

Less can be more when it comes to gathering, consuming and acting on threat intelligence, says Bryn Norton, director of solutions architecture and security at telecommunications giant CenturyLink.

Governance

CISO Job Mandate: Be a 'Jack or Jill' of All Trades

Mathew J. Schwartz • November 12, 2018

The days of effective CISOs being pure-play technologists are long gone. Instead, CISO Paul Swarbrick says the role demands someone who is expert "in people, and management and risk," and who is skilled at bringing to bear the right experts for every strategic challenge they identify.

Endpoint Security

Priority: Frictionless Transactions Over Fraud Prevention

Mathew J. Schwartz • November 9, 2018

As the pace of technology innovation continues to quicken - including the ability to make payments via everything from Alexa to Facebook Messenger - risk-based security is imperative to maintain a frictionless customer experience, says Tim Ayling of Kaspersky Lab.

Cyberwarfare / Nation-state attacks

Election Hacking Probe Gets New Boss After Sessions Quits

Jeremy Kirk • November 8, 2018

U.S. Attorney General Jeff Sessions resigned on Thursday at the request of President Donald Trump. While long expected, the move raises questions about the fate of an ongoing investigation into Russia's election hacking.

Cybercrime

Dutch Police Bust 'Cryptophone' Operation

Mathew J. Schwartz • November 8, 2018

Once again, a supposedly secure service allegedly marketed to criminals has proven to have limits. Dutch police have busted a "cryptophone" operation, allowing them to decrypt more than 258,000 encrypted chat messages, leading to a drug lab bust, 14 arrests and the seizure of cash, drugs and weapons.