Fooling hackers into giving up traceable information about themselves through "reflective" social engineering is helping researchers curb fraud losses and protect would-be victims, say Dell Secureworks researchers Joe Stewart and James Bettke.
This edition of the ISMG Security Report features updates from RSA Conference 2017 on emerging technologies, the forthcoming White House cybersecurity executive order and Microsoft's call for a "Digital Geneva Convention."
U.S. Rep. Michael McCaul says Washington must accept that we are losing on the global cyber battlefield. But the Homeland Security Committee chairman contends the Trump administration has the opportunity to turn the tide by prioritizing cybersecurity and investing the right resources in partnerships and defense.
A discussion on how the understanding of epidemiology, immunology and genetic research processes can help developers create methods to secure information systems leads the latest episode of the ISMG Security Report. Also featured: insights on strengthening ATM defenses.
For too long, ensuring that code is securely written - and bug free - has been a business afterthought. But there's been new hope for building security into the development lifecycle, thanks to the rise of DevOps, aka rugged software, says Chris Wysopal, CTO of the application security firm Veracode.
In this edition of the ISMG Security Report: An evaluation of the challenges law enforcement faces in using lawful hacking and metadata as an alternative way to collect evidence when cracking an encrypted device is not an option. Also, a look at Trump's revised cybersecurity executive order.
Just like epidemiologists studying disease outbreaks, cybersecurity professionals can benefit from identifying and mitigating certain behaviors, says Dr. Elizabeth Lawler, an epidemiologist who is CEO of Conjur, a data security firm.
In this edition of the ISMG Security Report: an analysis of a major fine against a Texas hospital and its implications for how the Trump administration might enforce HIPAA rules. Also, an IRS-related phishing scheme targets businesses.
When Army intelligence specialist Chelsea Manning leaked classified documents to WikiLeaks in 2010, the federal government's security clearance process served as the main defense against malicious insiders. CERT's Randy Trzeciak explains how insider threat defenses have changed since then.
A report on passage by the House of Representatives of a bill aimed at toughening insider threat defenses at the Department of Homeland Security leads the latest edition of the ISMG Security Report. Also, analyzing the use of blockchain technology to secure healthcare data.
Cybersecurity strategies developed for data-centric information technology are not necessarily suitable for protecting operational technology, where availability, rather than confidentiality, is the key security concern, says Vikram Kalkat of Kaspersky Lab.
This edition of the ISMG Security Report debunks recent reports suggesting that Austrian hotel guests were locked into - and out of - their rooms by ransomware. Also, would a cybersecurity executive order from U.S. President Donald Trump advance the nation's existing efforts?
Fighting back against the ransomware epidemic requires making sure that a wide variety of best practices for security hygiene are in place, says Mohit Puri of security vendor Sophos Technologies, who spells out essential steps.
Gartner analyst Avivah Litan has long been the go-to expert for insights on fraud detection. Now she has broadened her focus to cover endpoint security and user and entity behavioral analytics. Where do these topics converge, and what insights can she share on the 2017 cybersecurity outlook?
This edition of the ISMG Security Report leads with news that several senior White House staffers had been using a private email server. Also, fueled by worries over Russian hacking, the Australian government plans to educate political parties on improving cybersecurity.