Critical systems are under attack from external and insider threats. No access or transaction should go unchecked. That's why former federal CISO Gregory Touhill advocates the broad adoption of zero-trust security in the public and private sectors.
Fifteen of the world's biggest "stresser/booter" services, designed to enable users to launch DDoS attacks against sites on demand, have been shut down, and three men who allegedly ran such services have been charged.
Will the newly introduced Data Care Act prove to be a viable U.S. equivalent to the EU's General Data Protection Regulation, or is it destined to fail? An analysis leads this edition of the ISMG Security Report, which also features reports on robotic process automation and Mastercard's "fusion center."
Account takeover is a rapidly growing arena for cybercriminals. How can organizations strengthen both authentication and authorization? Scott Olson of iovation, a TransUnion Company shares his insights.
The U.S. Department of Justice on Thursday unsealed an indictment charging two Chinese nationals in connection with APT10 or Cloud Hopper, a cyber espionage campaign, alleging they acted in association with a government agency.
Facebook violated consumer protection law by failing to protect personal data that consumers thought they'd locked down, the District of Columbia alleges in a new lawsuit. Plus, Facebook is disputing a New York Times report that it ignored privacy settings and shared data with large companies without consent.
For the past three years, hackers have been intercepting sensitive diplomatic cables sent between EU member states after stealing passwords for accessing the EU network via a phishing attack against diplomats in Cyprus, The New York Times reports.
Twitter says that an unspecified number of its users may have been targeted by state-sponsored hackers seeking to unmask their identity. Separately, Trend Micro says Twitter has blocked an account that was posting image memes designed to remotely control malware-infected PCs.
The battle against Russian disinformation is far from over. Two in-depth Senate reports have revealed that such campaigns continue despite efforts by social media companies to cleanse their platforms. Researchers say Facebook's Instagram may be the next battleground.
DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings.
Super Micro Computer says a third-party audit of its recent and older motherboards has not turned up evidence of a spying chip as alleged in an explosive report two months ago by Bloomberg BusinessWeek. Bloomberg, however, has stood by its story despite no physical example of the malicious chip turning up.