Cyber-intelligence expert Tom Kellermann sees a growing hostility in cyberspace, and he fears a new wave of advanced threats aimed not just at committing crimes, but at breaching critical infrastructure. Who are the top threat actors, and what are their key targets?
Cybersecurity incidents have evolved considerably since the TJX and Heartland breaches of 2007-08. And so has the discipline of incident response, says former prosecutor Kim Peretti, now a partner at the law firm Alston & Bird. She defines incident response 2.0.
Russian threat intelligence firm Group-IB alleges that North Korea is behind recent attacks against financial institutions in Europe employing fraudulent SWIFT messages. But other experts caution that such conclusions shouldn't be made solely based on technical data.
In this special edition of the ISMG Security Report, you'll hear an edited version of an ISMG Fraud and Breach Prevention Summit keynote panel in which current and former federal cybersecurity officials assess the IT security agenda of the Donald Trump administration.
British Airways grounded all flights at London's two biggest airports starting Saturday, leading to multiple days of disruptions. The airline has blamed a power surge for its IT failures, but experts have questioned the airline's resiliency and disaster recovery planning and testing.
Restaurant chain Chipotle Mexican Grill says customers' payment card data was stolen via point-of-sale malware installed at the vast majority of its more than 2,000 restaurant locations for more than three weeks.
Leading the latest edition of the ISMG Security Report: Secretary John Kelly's congressional testimony on how DHS led government efforts to mitigate the WannaCry ransomware attacks. Also, reports on ransomware defenses as well as big data and machine learning combining to secure IT.
The identity of the individual or group behind the global WannaCry ransomware campaign remains unclear. But whoever wrote the ransom notes appears to have been fluent in Chinese and pretty good at written English, according to a linguistic analysis from security firm Flashpoint.
In the wake of WannaCry, there's a critical new flaw in Samba, which provides Windows-based file and print services for Unix and Linux systems. Security experts say the flaw is trivial to exploit. US-CERT recommends immediate patching or workarounds.
Target has reached a record settlement agreement with 47 states' attorneys general over its 2013 data breach. The breach resulted in hackers compromising 41 million customers' payment card details and contact details for more than 60 million customers being exposed.
The Donald Trump administration, in its fiscal 2018 budget, outlines steps it contends would strengthen the U.S. federal government's information systems, even as it would cut some cybersecurity spending at specific agencies.
Voice biometrics: Is it good enough to protect people's bank accounts? Also, the ISMG Security Report goes to Belfast, Northern Ireland, for this year's OWASP AppSec Europe conference, including a visit to the Titanic museum - hopefully not a metaphor for the discipline.
Good news for many victims of WannaCry: Free tools developed by a trio of French security researchers can be used to decrypt some PCs that were forcibly encrypted by the ransomware, if the prime numbers used to build the crypto keys remain in Windows memory.