- Inside Incident Response: 6 Key Tips to Keep in Mind
Experts share the prime window for detecting intruders, when to contact law enforcement, and what they wish they did differently after a breach.
- Two Found Guilty in Online Dating, BEC Scheme
Cybercriminals involved in the operation created fake online dating profiles and tricked victims into sending money to phony bank accounts.
- Security Lessons from My Game Closet
In an era of popular video games like Fortnite and Minecraft, there is a lot to be learned about risk, luck, and strategy from some old-fashioned board games.
- FIN7 Cybercrime Gang Rises Again
The group now employs a new administrative interface for managing its campaigns, as well as documents that link to SQL databases for downloading its code.
- Businesses Manage 9.7PB of Data but Struggle to Protect It
What's more, their attempts to secure it may be putting information at risk, a new report finds.
- Facebook Employees for Years Could See Millions of User Passwords in Plain Text
- Hacker AI vs. Enterprise AI: A New Threat
Artificial intelligence and machine learning are being weaponized using the same logic and functionality that legitimate organizations use.
- SaaS Ecosystem Complexity Ratcheting Up Risk of Insider Threats
Even with common security platforms like CASBs, organizations struggle to deal with the volume of apps and accounts that interact with business-critical data.
- Microsoft Brings Defender Security Tools to Mac
Windows Defender becomes Microsoft Defender, and it's available in limited preview for Mac users.
- Police Federation of England and Wales Suffers Apparent Ransomware Attack
National Cyber Security Centre and National Crime Agency investigate random attack that locked down the association's data and deleted backups.
- What the Transition to Smart Cards Can Teach the US Healthcare Industry
Healthcare information security suffers from the inherent weakness of using passwords to guard information. Chip-based smart cards could change that.
- Researchers Seek Out Ways to Search IPv6 Space
Security researchers regularly search IPv4 address space looking for servers with ports exposing vulnerable software. With the massive number of IPv6 addresses, however, they have lost that ability. C …
- BEC Scammer Pleads Guilty
Business email compromise (BEC) operation resulted in $100 million in losses to a multinational technology company and a social media firm, according to the US Attorney's Office.
- Google Photos Bug Let Criminals Query Friends, Location
The vulnerability, now patched, let attackers query where, when, and with whom victims' photos were taken.
- The Insider Threat: It's More Common Than You Think
A new study shows why security teams must look holistically across cybersecurity, compliance, technology, and human resources to truly address the business effects of workforce risk.
- Less Than 3% of Recycled Computing Devices Properly Wiped
Researchers find that companies that refurbish or accept old equipment as donations don't necessarily clean them of data as promised.
- 'Critical' Denial-of-Service Bug Patched in Facebook Fizz
Researchers report a now-patched DoS vulnerability in Facebook Fizz, its open source implementation of the TLS protocol.
- TLS 1.3: A Good News/Bad News Scenario
Stronger encryption standards are improving the privacy of data in motion, but enterprises will need to adapt their security architectures to maintain visibility into network traffic.
- Microsoft Office Dominates Most Exploited List
Lone Android vulnerability among the top 10 software flaws most abused by cybercriminals.
- DDoS Attack Size Drops 85% in Q4 2018
The sharp decline follows an FBI takedown of so-called "booter," or DDoS-for-hire, websites in December 2018.