European computer security researchers say they have discovered vulnerabilities that relate to two techniques used to encrypt emails: PGP and S/MIME. Security experts recommend all PGP users immediately delete or disable their PGP tools, pending a full fix.
A bipartisan group of U.S. lawmakers has reintroduced legislation in the House that would stop the government from forcing software vendors to intentionally weaken their products for surveillance purposes. Two prior attempts to enact the legislation in Congress have failed.
As recent breaches attest, today's approaches to cybersecurity are insufficient. Kim DeCarlis of Gigamon offers her views on what organizations must do differently to ensure stronger cybersecurity postures.
The Gandcrab ransomware has been a moving target. Since it was discovered in January, it quickly became one of the most widely distributed file-encrypting malware programs. Researchers with Cisco say they've now found it seeded within legitimate websites, making its spread tougher to stop.
DDoS attacks are morphing from being political statements to a diversion while other forms of attacks are occurring, says Arbor Network's Mike Boose, who describes new threat vectors and best practices for mitigation.
When it comes to fraud, enterprise data has a story to tell, and it's up to security and fraud leaders to know how to interpret that story. Jim Apger of Splunk discusses reading and reacting to these stories.
Security alert: Microsoft has issued updates to fix 67 unique flaws in its products. One vulnerability in Windows VBScript engine is already being actively exploited in the wild via malicious Word documents and could also be employed for attacks via websites and malvertising, Microsoft warns.
Critical infrastructure, including electricity grids and telecommunications networks, is under attack. Optiv's Brian Wrozek discusses the challenges CISOs face in dealing with increasingly connected industrial devices.
Payments are getting faster, and so is payments fraud. A robust fraud management strategy focusing on strong authentication, customer education and scalable responses can be instrumental in minimizing payment fraud risk.
Equifax says it continues to field queries from U.S. lawmakers about the full extent of its massive 2017 data breach, which occurred after an attacker exploited its unpatched Apache Struts web application. Research finds that many more organizations are using unpatched Struts applications.