The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.
In light of the surge in ransomware attacks against universities, institutions need to make asset management a much higher priority, removing obsolete systems and upgrading essential systems to the latest version to avoid exploits of unpatched vulnerabilities, says Matthew Trump of the University of London.
The average amount of time that online attackers camp out in a victim's network - or "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.
The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.
Four editors at Information Security Media Group discuss timely issues, including how the zero-day attacks against Accellion File Transfer Appliance users have rewritten the rules of the cyber extortion game and former federal CISO Gregory Touhill taking on an important new role.
The latest edition of the ISMG Security Report features an analysis of British spy chief Jeremy Fleming’s "cybersecurity call to arms." Also featured: Insights on COVID-19 business continuity planning; the wisdom of the late Dan Kaminsky.
Providers have traditionally used deterministic data such as credit histories and scores in determining the suitability of an applicant. The problem is that deterministic data was never intended to assess fraud risk or verify identities but rather to gauge creditworthiness. Moreover, Gen-Z and younger millennials may...
Some security experts are questioning whether Experian is doing enough to ensure security after a researcher discovered that an API the credit reporting firm uses to allow lenders to check the credit score of prospective borrowers could expose customer's scores.
A coalition of government agencies and security firms has released a framework for how to disrupt ransomware attacks that calls for expanded regulation of the global cryptocurrency market to better track the virtual coins paid to cybercriminals during extortion schemes.
An ongoing disinformation campaign dubbed "Ghostwriter," which leverages compromised social media accounts, is targeting several NATO member countries in Europe, attempting to undermine confidence in the defensive organization as well as spread discord in Eastern Europe, according to FireEye.
Ransomware continues to prove a reliable moneymaker for criminals, with the average cyber extortion payoff rising to $220,298, reports ransomware incident response firm Coveware. Zero-day attacks and shakedowns targeting Accellion File Transfer Appliance users helped boost criminals' profits.