If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. That's the position of Terry Cutler, an ethical hacker who dedicates his time to testing organization's cybersecurity defenses - and their people.
A report on the SEC targeting a Canadian company for fraud, alleging it cheated investors by exploiting a so-called Initial Coin Offering crowdsourcing funding system, leads the ISMG Security Report. Also, an NSA analyst pleads guilty in a case involving storing classified data on his home PC.
As data breaches increase in scale and frequency, businesses must ensure an effective, swift and well-orchestrated response. To help them, ISMG on Wednesday and Thursday will host a Fraud and Breach Prevention Summit in Mumbai offering insights from 20 leading CISOs and many other experts.
An employee of the NSA's Tailored Access Operations group has pleaded guilty to mishandling classified information. The material ended up in the hands of Russia after he copied it to his home computer, which had Kaspersky Lab's anti-virus software installed.
Roman Seleznev, the son of a Russian lawmaker who earlier this year received one of the longest sentences ever handed down in the U.S. for computer-related crimes, has been slammed with two more 14-year sentences. He was a key figured in the infamous Carder.su fraud marketplace.
Because cyberattacks continue to bypass next-generation security technologies, it's important not to underestimate the role humans play in attack detection and threat mitigation, says Rohyt Belani of PhishMe.
Canadian citizen Karim Baratov has pleaded guilty to targeting more than 11,000 webmail accountholders to steal their passwords, including targeting 80 Gmail accounts at the request of an alleged Russian intelligence agent tied to a 2014 hack attack against Yahoo that exposed 500 million accounts.
As data protection breaches have become daily headline news and everyone becomes increasingly sensitive about privacy, the regulatory regime is getting tougher. Data protection laws in Europe are more important than ever before - especially as the enforcement deadline of the EU GDPR looms.
RBI's recent move to mandate that all banks must use Aadhaar as the primary form of authentication for anyone accessing their bank account is stirring a debate about the long-term role of the authentication mechanism and associated data security issues.
The U.S. government has charged three employees of Chinese cybersecurity firm Boysec with stealing valuable intellectual property from Siemens, Moody's Analytics and Trimble. Security researchers say Boysec has been operating since 2007 and is also known as APT 3 and Gothic Panda.
Are you an accused Russian hacker who's been detained on foreign soil at the request of U.S. authorities? Bad news: While Mother Russia will go to court to try to bring you home, your odds of resisting U.S. extradition don't look good.
Like its mythological namesake, the source code for Zeus malware appears to be immortal. New variants continue to surface, including the Terdot banking Trojan, which is also designed to steal email and social networking credentials while remaining hidden.
HyphBot botnet malware is forcing infected PCs to sneakily view high-priced video ads, allowing fraudsters to reap upwards of $1.3 million in daily ad spending, a Danish advertising technology firm warns. The scheme highlights the challenges facing online advertisers seeking legitimate viewers.