Buoyed by massive illicit profits, cybercriminals have continued to refine their ransomware attacks, including updating their crypto techniques to foil decryption tools, encrypting file names and threatening to leak stolen secrets.
To adequately protect their data, organizations need to go far beyond traditional controls and implement a "data-centric security" approach, says Informatica's Robert Shields, who describes the essential elements of the strategy.
The National Institute of Standards and Technology has issued a Guide to Application Whitelisting that provides step-by-step instructions on deploying automated application whitelisting to help prevent malware from accessing IT systems.
In a video interview, Bob Carr of Heartland Payment Systems offers a frank assessment of missteps in the wake of the processor's landmark 2008 data breach, and he calls for widespread use of end-to-end encryption.
The quantity and duration of distributed denial-of-service attacks continue to increase. The latest attacks are being launched via MySQL servers infected with Chikdos malware, as well as compromised Internet-connected CCTV systems, researchers say.
Brijesh Singh, CISO for the state of Maharashtra and IG of CID, says that the threat is evolving in such a manner that it is impossible for law enforcement alone to tackle it. "All of our traditional models of policing, they don't work here."
In this video interview, Mike Weber of Coalfire Labs discusses ways that healthcare organizations can develop strategies for easily sharing patient data among clinical professionals using a variety of devices while protecting that data from attackers.
British police have arrested a third suspect in connection with the hack attack against telecommunications provider TalkTalk. Separately, Vodafone UK also issued an alert of a breach, which it traced to reused passwords.
The inaugural ISMG Data Breach Summit Asia on Oct. 28 covered a range of breach-related subjects, ranging from intrusion detection and cyber-insurance to scarce security budgets and battling cybercrime. One expert described the threat posed by geopolitical conflicts moving to the online sphere.
Too many companies lack an understanding of the business ramifications of cyber threats, says Juanita Koilpillai, president of the Digital Risk Management Institute. In a video interview, she describes why business owners and insurance companies must work together to develop modern cyber risk management programs.
British police have arrested a 15-year-old boy in connection with the suspected hack of TalkTalk. Security experts say that if a teenager was responsible, it's going to be difficult for the communications firm to prove that it takes customers' data security seriously.
Cyberattacks are challenging our current methods of defense, says Lance James, a global cyber intelligence adviser at the consultancy Unit 221b. In a video interview, he discusses the changes in tools and skills that must be made to fend off fast-moving adversaries.