The latest edition of the ISMG Security Report analyzes why clothing retailer H&M was hit with a hefty fine for violating the EU's General Data Protection Rule. Also featured: The coming of age of digital identities; deputy CSO at Mastercard on top priorities for 2021.
She was deputy CIO at the White House and served as CISO at Xerox. Now, as deputy CSO at Mastercard, Alissa "Dr. Jay" Abdullah opens up on the accomplishments of her first year as well as new leadership techniques and strategies for refining talent and tools.
Ransomware has emerged as the No. 1 online threat targeting public and private organizations this year. Seeking maximum returns, more gangs have moved beyond opportunistic attacks to target organizations with "post-intrusion ransomware." Meanwhile, many victims fail to report such crimes to police.
A recent ransomware attack on a provider of software used by firms involved with COVID-19 vaccine development and other drug clinical trials illustrates increasing cyberthreats facing medical industry supply chain partners.
Despite the shift to e-commerce during the pandemic, attacks against POS devices persist. For example, Visa's payment fraud disruption team uncovered recent malware attacks on POS devices used by two North American hospitality companies.
Privacy regulators in Germany have slammed clothing retailer H&M with a $41 million fine for collecting and retaining private employee data in violation of the EU's General Data Protection Regulation. H&M has apologized, instituted changes and promised to financially compensate employees.
A new malware variant dubbed Black-T developed by the hacker group TeamTnT targets exposed Docker daemon APIs to perform scanning and cryptojacking operations, according to researchers at Palo Alto Networks' Unit 42.
In this year of accelerated transformation, many enterprises have adopted and adapted to software-defined networking. Daniel Schrader of Fortinet and Daniel Cooke of Vandis discuss how they have partnered to empower networking transformation.
As Universal Health Services continues to recover from an apparent ransomware incident last weekend that affected system access for hundreds of its facilities, security experts say others can learn important lessons from the company's experience.
McAfee is set to become a public company once again, with the cybersecurity firm filing for an IPO with the U.S. Securities and Exchange Commission to trade under "MCFE" on the Nasdaq Stock Market. Separately, Ivanti announced that it would buy security firms MobileIron and Pulse Secure.
William Dixon of the World Economic Forum is calling for the formation of a "quantum computing security coalition" to help build trust in the technology, which could play a key role in enhancing security.
Microsoft removed 18 apps from its Azure cloud platform that were being used by hackers as part of their command-and-control infrastructure. The threat group, called Gadolinium, was abusing the infrastructure to launch phishing email attacks, Microsoft researchers say.