- The 'Opsec Fail' That Helped Unmask a North Korean State Hacker
How Park Jin Hyok – charged by the US government for alleged computer crimes for the Sony, Bank of Bangladesh, WannaCry cyberattacks – inadvertently blew his cover via email accounts.
- Romanian Hacker Pleads Guilty for Role in Inauguration Surveillance Ransomware
Attack against the Metropolitan Police Department was disrupted before malware could be sent to additional systems.
- 6 Security Training Hacks to Increase Cyber IQ Org-Wide
Move beyond generic, annual security awareness training with these important tips.
- US Approves Cyber Weapons Against Foreign Enemies
The White House is changing the rules on its use of digital weapons to fight adversaries targeting US networks.
- Data Manipulation: How Security Pros Can Respond to an Emerging Threat
Industry leaders are scrambling to address the issue, which will take new thinking to overcome.
- Executive Branch Makes Significant Progress As DMARC Deadline Nears
The DHS directive on email security has an approaching deadline that most departments in the executive branch might actually meet.
- Think Like An Attacker: How a Red Team Operates
Seasoned red teamers explain the value-add of a red team, how it operates, and how to maximize its effectiveness.
- Retail Sector Second-Worst Performer on Application Security
A "point-in-time" approach to PCI compliance could be one reason why so many retailers appear to be having a hard time.
- Account Takeover Attacks Become a Phishing Fave
More than three-quarters of ATOs resulted in a phishing email, a new report shows.
- 3 Drivers Behind the Increasing Frequency of DDoS Attacks
What's causing the uptick? Motivation, opportunity, and new capabilities.
- Japanese Cryptocurrency Exchange Hit with $60M Theft
The incident highlights a broader problem of poor security in cryptocurrency exchanges throughout the country.
- Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Actionable advice for tailoring the National Institute of Standards and Technology's security road map to your company's business needs.
- NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Suit underscores longtime battle between vendors and labs over control of security testing protocols.
- Cryptojackers Grow Dramatically on Enterprise Networks
A new report shows that illicit cryptomining malware is growing by leaps and bounds on the networks of unsuspecting victims.
- As Tech Drives the Business, So Do CISOs
Security leaders are evolving from technicians to business executives as tech drives enterprise projects, applications, and goals.
- Mirai Hackers' Sentence Includes No Jail Time
The trio behind Mirai sentenced to probation and public service in return for cooperation with law enforcement and researchers.
- WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
New standards offer protection against hacking, credential theft, phishing attacks, and hope for the end of an era of passwords as a security construct.
- FBI: Phishing Attacks Aim to Swap Payroll Information
Social engineering scams target employees' payroll credentials so attackers can access and change their bank account data.
- 5 Steps to Success for New CISOs
You've been hired to make an impact. These tips can help set you up for continued success.
- 8 Keys to a Successful Penetration Test
Pen tests are expensive, but there are key factors that can make them worth the investment.