An international police operation has resulted in the disruption of the long-running Andromeda botnet and associated Gamarue crimeware toolkit. Andromeda has been used to distribute 80 types of malware, including backdoors, banking Trojans and ransomware, security experts say.
The U.K.'s privacy watchdog has launched a probe after some Members of Parliament admitted they share email passwords or leave workstations unlocked. The MPs were attempting to defend a colleague who's been accused of downloading and viewing pornography on his work PC.
Email, which is too easily spoofed, phished or taken over, remains a leading cybersecurity risk. But finally, after years of pushing, the Domain-based Message Authentication, Reporting and Conformance standard, or DMARC is helping to bolster email security, says Phil Reitinger, CEO of the Global Cyber Alliance.
New research shows that the automation of five key security controls is lacking at a majority of organizations, says Ted Gary of Tenable.
A key reason why: the lack of skilled cybersecurity professionals.
Improving network security requires understanding your environment and controlling it before implementing network segmentation, says Nathaniel Gleicher of Illumio, who explains lessons that can be learned from the Secret Service's approach.
An employee of the NSA's Tailored Access Operations group has pleaded guilty to mishandling classified information. The material ended up in the hands of Russia after he copied it to his home computer, which had Kaspersky Lab's anti-virus software installed.
Next year, the Singapore parliament will consider a cybersecurity bill that was revised after government officials reviewed numerous public comments on a draft version. The purpose of the bill is to establish a framework for the oversight and maintenance of cybersecurity in the government and the private sector.
Roman Seleznev, the son of a Russian lawmaker who earlier this year received one of the longest sentences ever handed down in the U.S. for computer-related crimes, has been slammed with two more 14-year sentences. He was a key figured in the infamous Carder.su fraud marketplace.
Medical devices are increasingly used by cybercriminals to compromise networks, systems and patient data, says Dr. Jack Lewin of the consultancy Lewin and Associates, who's also chairman of the National Coalition on Health Care. That's why physicians should be advocates for better device security.
The lack of skilled personnel is hampering incident response, but automation can help, says Mike Fowler of DFLabs. Providing responders with "playbooks" for step-by-step incident response processes, for example, is essential, he contends.
Connected medical devices are a significant potential new attack surface that may not be covered by security tools and systems, says Ariel Shuper of Check Point Software Technologies. How can healthcare providers immunize their medical devices against threats before they are compromised?