Ahead of the release of Edward Snowden's memoirs chronicling his decision to bring illegal "big data" domestic U.S. surveillance programs to light, a former NSA intelligence specialist points out that the U.S. still lacks a whistleblowing law to protect intelligence workers who spot illegal activity.
Two years after WannaCry wreaked havoc via flaws in SMB_v1 and three years after Mirai infected internet of things devices en masse via default credentials, attackers are increasingly targeting the same flaws, security experts warn.
"Cobalt Dickens," a threat group with suspected ties to Iran, is continuing its attempts to steal intellectual property from schools and universities, according to an analysis by SecureWorks. The group's work continues even though several alleged members have been indicted by the Justice Department.
The Securities Exchange Board of India has come out with new cybersecurity guidelines for the commodities market. But the recommendations either rehash earlier guidelines or offer vague details on implementation.
Cybercrime is surging thanks, in part, to the availability of inexpensive hacking tools and services. A recent look by security firm Armour at black market offerings finds stolen payment card data, RDP credentials, ransomware and DDoS services are widely available for sale.
Apple is criticizing recent Google research that describes an expansive iPhone hacking campaign, accusing Google of "stoking fear" among users of its products. Google says it stands by its blog post, which focused on technical findings.
A widely used brand of GPS location-tracking devices - for keeping tabs on children, elderly relatives and pets - have security flaws that could allow anyone with an internet connection to track the devices' real-time location and historical movements, warns security firm Avast.
In just a few years' time, deception technology has matured to become a critical - and recommended - element of fundamental cybersecurity defense. Tony Cole, CTO of Attivo Networks, discusses critical success factors for deploying deception.
How do organizations know if their app and network security is sufficient to protect them from data breaches - or if their defenses are even working? Paul Dant of Arxan talks about the evolution of mobile/web app security.
The cloud, artificial intelligence and security as a service - these are the three critical conversations that security leaders need to be having with their business counterparts, says Oscar Chavez-Arietta, vice president, Latin America, at Sophos.
ISMG and Cybereason visited Dallas on their "Indicators of Behavior" roundtable dinner tour. And Cybereason CSO Sam Curry says the discussion validated the notion that it's time to reimagine incident detection and response.
Deploying deception technology can give organizations a leg up when it comes to more quickly spotting and responding to data breaches, provided they configure and utilize the technology appropriately, says Rocco Grillo of the consultancy Alvarez & Marsal.
For many cybercrime investigators, it's all about finding indicators of compromise - evidence a crime has been committed. Sam Curry of Cybereason describes the value of making a shift to cataloging indicators of behavior.
India has set a lofty goal of building its gross domestic product to $5 trillion by 2024, nearly double the current $2.8 trillion economy. If the cybersecurity sector can rapidly expand, it could play a role in fueling economic growth.