Spammers wielding Locky ransomware have a new trick up their sleeves: the ability to infect PCs via malicious Microsoft Word documents that use the Dynamic Data Exchange application-linking feature built into Windows to push ransomware onto victims' systems.
An in-depth look at the DMARC anti-spoofing system - which the U.S. Department of Homeland Security this past week said it will require federal agencies to adopt - leads the latest edition of the ISMG Security Report. Also, continuous monitoring of the insider threat.
A look at President Donald Trump's pick for the Department of Homeland Security secretary, Kirstjen Nielsen, leads the latest edition of the ISMG Security Report. Also featured: Equifax's and TransUnion's problem with dubious code.
Developing safe and effective information sharing practices to foster greater interoperability presents big challenges. As information sharing becomes increasingly vital in building resilient cybersecurity, the need to put a strong, collaborative structure in place is critical.
Although there are many options for...
A Belgian security researcher has discovered a "serious weakness" in the WPA2 security protocols used to encrypt many WiFi communications. Attackers can exploit the flaws to eavesdrop as well as potentially inject code such as malware or ransomware into WiFi-connected systems. Prepare for patches.
The RSA Conference returns to Abu Dhabi in November, and event organizers Linda Gray Martin and Britta Glade say this year's agenda is packed with new speakers and topics unique to this growing annual event.
Security researchers have discovered websites run by credit bureaus Equifax and TransUnion were both affected by dodgy code that redirected users to adware and malware. Both issues are fixed, but the situations beg questions about how closely the companies monitor their online security.
It's a tale that reads stranger than fiction, a true Tom Clancy-ish yarn: Israeli spies hacked Kaspersky Lab, discovering that Russia has been using the company's pervasive anti-virus software to spy on U.S. spies. Will Kaspersky Lab survive?
Malware-wielding attackers reportedly hacked into a Taiwanese bank last week and transferred nearly $60 million via fraudulent SWIFT money-moving messages to accounts in Cambodia, Sri Lanka and the United States. Authorities say most of the stolen funds have been recovered.
If an NSA analyst took malware home and it was stolen from his home PC by a foreign intelligence agency, who are you going to blame? As the U.S. government's campaign against Kaspersky Lab intensifies, here are 10 facts, clarifications and likelihoods to keep in mind.
Hackers working for Russia gained access to the home computer of an NSA employee in 2015, pilfering highly classified material and spying code. U.S. officials claim Kaspersky Lab's software helped the hackers, but numerous questions remain unanswered. We round up the issues in play.
Advanced threats are overwhelming both IT organizational bandwidth and the capabilities of legacy antivirus tactics, particularly as the increasing number of endpoint devices used by employees expands attack surfaces.
How are organizations responding?
Download this study from Forrester and learn why:
Cybercriminals are evolving. Increasingly, they are capitalizing on the open and unprotected nature of the Domain Name System (DNS) to launch damaging phishing, malware, and ransomware attacks. How are you proactively protecting your network and users from these targeted threats? Here are five things to ask yourself...
It's likely not a matter of if, but when your company will fall prey to a targeted attack involving malware, ransomware, data exfiltration, or phishing. In fact, 70% of organizations reported a security incident that negatively impacted their business in the past year. Learn more about the realities of cybercrime in...
With the constant drumbeat of news reports about security breaches, cyber security is hard to ignore. Organizations understand that they need comprehensive security solutions, yet significant gaps remain. Malicious actors have evolved their methods to leverage the vulnerabilities of the Domain Name System (DNS), and...