Don't rush to blame the printing outage at newspapers owned by Tribune Publishing on anything more than an organization failing to block a malware outbreak. And even if it does prove to be a Ryuk ransomware attack, there's no proof yet that any particular nation-state is behind the campaign, experts warn.
Although machine learning and artificial intelligence help in an incident response plan, companies must avoid excessive dependence on them, says Venkata Satish Guttula, director of security at Rediff.com.
Personal information for 1,000 North Korean defectors, including their names and addresses, has been stolen via a malware attack, officials in South Korea warn. They've traced the leak to a malware infection at a refugee resettlement center, and say police continue to investigate.
Mark Karpeles, the former head of hacked Tokyo-based bitcoin exchange Mt. Gox, has continued to maintain his innocence during the closing arguments in an embezzlement trial against him, Japanese local media report. Prosecutors are seeking a 10-year prison sentence for the French national.
Digital steganography is the practice of hiding information in plain sight, especially inside other data or images. And a new toolset, which debuted earlier this month at the Black Hat Europe conference, suggests steganography is going to get much more difficult to spot.
President Donald Trump is reportedly continuing to weigh an executive order that would ban all U.S. organizations from using telecommunications hardware built by China's Huawei and ZTE. Australia and New Zealand have blocked the firms from their 5G rollouts, while other nations weigh similar moves.
Efforts to protect privacy must be carefully balanced against the need to practically implement advanced technologies, argues Jared Ragland, senior director for policy in APAC at BSA/The Software Alliance, an advocacy group for software companies.
Open source components help developers build and deploy applications faster, but with increased speed comes greater risk. Maria Loughlin of Veracode describes how to reduce those risks through several steps, including component inventories and developer education.
For the past three years, hackers have been intercepting sensitive diplomatic cables sent between EU member states after stealing passwords for accessing the EU network via a phishing attack against diplomats in Cyprus, The New York Times reports.