Yet another organization has acknowledged it opted to pay cyberattackers after its systems were infected with ransomware, the file-encrypting malware that has become one of the most dreaded menaces across the internet.
In the latest ISMG Security Report, our editors examine the top concerns of security practitioners gathered at Infosecurity Europe, NIST's planned revision of its cybersecurity framework and U.S. government efforts to make sure patients can securely access their electronic health records.
More than 32.8 million Twitter credentials have been compromised and are being offered for sale on the dark web, claims LeakedSource, a subscription-based breach notification service. But some security experts question whether the credentials are current and authentic.
Researchers at RiskAnalytics have watched a botnet of compromised computers in the Ukraine and Russia become a growing hive of criminal activity, playing a role in everything from ransomware and click fraud to spam bots and stolen payment card marketplaces.
Dropbox is keeping a close eye on the latest news reports of big-name, big-data breaches, but says the reported hackers are bluffing when claiming to have compromised and obtained the web storage service's data.
Cybercrime continues to be incredibly lucrative. Yet many of the techniques being wielded by connected criminals aren't new, said security expert Mikko Hypponen of F-Secure in a keynote speech at this week's Infosec Europe conference in London.
Akamai warns of a rash of less sophisticated attempts to extort companies by threatening to strike with distributed denial-of-service attacks, which can be expensive for organizations to defend against.
Many organizations still fail to practice smart web security, warns penetration testing expert Ilia Kolochenko, who notes that 23 percent of all websites still use SSL version 3, despite it leaving them at risk from POODLE and BEAST attacks.
Cybercrime alert: In March, 93 percent of all phishing emails studied contained ransomware designed to forcibly encrypt PCs, says PhishMe chief operating officer Jim Hansen. In an interview, he offers insights on how to respond.
This ISMG Security Report features a discussion of the impact on the global financial services industry of the SWIFT-related theft of $81 million from Bangladesh's central bank and similar thefts. You'll also hear reports on making IT systems more trustable and national governments' spending on cybersecurity.
NIST plans next year to clarify certain provisions in its cybersecurity framework. "Just to be clear, we're not headed toward a version 2.0 right now," Program Manager Matt Barrett explains in an interview. "We're headed to something that's more like a 1.1."
TeamViewer is strengthening the security of its remote access application after an uptick in account takeovers that the company says is the result of hackers reusing account credentials from recent data breaches.
Will a federal appellate court ruling in favor of a Minnesota bank that sued its insurer for coverage of costs associated with a fraudulent wire transfer have a big impact on similar cases? Experts offer an analysis.
Europe's biggest annual information security conference returns to London this week. Here's my pick of the top Infosec Europe sessions, with topics ranging from cybercrime and incident response to EU regulations and the Internet of Things.