Is it ever acceptable for ransomware victims to pay a ransom to obtain the decryption key required to restore access to their data? Due to poor preparation, many organizations continue to face that question.
Backed by its own logo, Badlock refers to a set of critical Samba vulnerabilities in Windows and most Unix/Linux operating systems, which attackers could exploit to launch man-in-the-middle attacks against corporate networks.
A British man who pleaded guilty to selling homemade distributed denial-of-service attack tools reportedly used to carry out more than 600,000 attacks has escaped jail time, with a judge calling him "young and naïve."
Many APAC security practitioners have a better understanding of the big picture issues in security and new paradigms than do their counterparts in Europe, says Maurizio Garavello, VP APAC at Forcepoint.
Security experts are once again warning all Flash users to either update or uninstall the browser plug-in software to protect themselves against active exploit kit attacks that are targeting a zero-day Flash flaw to install ransomware.
The continuing success of attackers stealing billions of dollars from organizations, often through simple business email compromise scams, is a sad commentary on the state of corporate security practices as well as our collective lack of cybersecurity smarts.
A court has approved settlement of a class-action lawsuit filed by employees of Sony Pictures in the wake of its massive 2014 breach. But some legal experts say the consumer protections provided in the settlement do not go much beyond what the company should have routinely provided to victims in the wake of a breach.
New guidance from the National Institute of Standards and Technology could help make it easier and less expensive for organizations to encrypt and decrypt some forms of data, including Social Security and credit card numbers.
A recent study reveals that India ranks third globally in financial Trojan infections, with more than 60,000 computers getting compromised in 2015 alone. Experts analyze why and recommend best practices to tackle them.
The massive 'Panama Papers' leak demonstrates how law firms are at risk from internal and external attackers seeking to access confidential information. Experts offer insights on how these firms, and others, can better defend their clients' secrets.
Each year the skills gap estimate for cybersecurity goes up, with few concerted, industry-wide efforts to address the issue. What organizations in all sectors truly need is hands-on, up-to-date, intensive training, says NIELIT MD Dr. Ashwini Sharma.
The massive "Panama Papers" data leak apparently was enabled by a law firm failing to have the right information security defenses in place. The breach calls attention to the need for all organizations to encrypt sensitive data, use access controls as well as monitor access patterns for signs of data exfiltration.
If you cast the Panama Papers leak in terms of class warfare, this isn't the first time that a faceless few have acted for what they perceive to be the good of the proletariat, in a bout of hacker - or insider - vigilantism.
Security experts worldwide are sorting through the implications of the so-called "Panama Papers" leak, involving 11.5 million records. The documents highlight an elaborate web of offshore holdings that everyone from heads of state to celebrities and fraudsters have allegedly used to hide billions of dollars.
A new coalition of leaders from government, industry and privacy advocacy groups hopes to help provide a framework for reaching a consensus on how to use IT to ensure society's security while protecting individuals' privacy, says Art Coviello, an organizer of the new Digital Equilibrium Project.