A new report suggests that a Chinese cyber espionage APT attack group is behind a string of targeted ransomware infections that have slammed U.S. firms. Dig into the details, however, and the report is nothing but speculation, two security experts caution.
Advanced attacks are out, while persistent, relatively simple attacks are in. Despite all of the APT hype in recent years, cybercriminals, and especially nation-state attackers, prefer to keep things simple. Information security experts explain why.
The FBI calls ransomware "a prevalent, increasing threat." One recent campaign earned at least $325 million in global profits, while U.S. victims tell the FBI they paid $24 million in ransoms in 2015. And attackers are plowing profits back into improving their malicious code.
Hackers stole $100 million from the Bangladesh Bank after apparently obtaining payment-transfer codes and moving the money overseas in what experts say appears to be one of the largest bank heists in history.
Because of growing cybersecurity concerns, CISOs in the financial sector finally are getting more time with their boards of directors and more direct interaction with senior executives, says John Carlson, chief of staff at the Financial Services Information Sharing and Analysis Center.
nullcon has made a name for itself with its forward-looking philosophy - "The Next Security Thing!" We take a look at some of the hot sessions and events slated to take place at the security marathon this year.
Mass targeted attacks often need a big event as the pivot to grab the prospective victims' attention. Using the example such of a phishing campaign, Symantec's Narang shares insight on how low awareness impacts the region.
Blockchain technology used by bitcoin and other cryptocurrencies offers opportunities for enhanced authentication and ID management, as well as cross-border money remittances, says Ben Knieff of the consultancy Aite. But he contends it's not clear that the technology could play a role in faster payments.
Spear phishing, well-crafted socially engineered wire-transfer schemes and mobile-app overlay attacks will continue to escalate, which is why anti-phishing education is becoming increasingly critical, Dave Jevans of the Anti-Phishing Working Group says in this video interview.
The Justice Department's appeal of a court order that the government can't compel Apple to unlock an iPhone used by an accused drug dealer is significant because it sets in motion a process that could lead to a Supreme Court ruling on whether mobile device makers must give law enforcement an encryption backdoor.
An estimated half of all ransomware infection victims give in to criminals' ransom demands, thus enticing attackers to refine and continue their campaigns, warns Intel Security's Raj Samani in this video interview.
Webroot has just released its 2016 edition of its annual threat brief. In an exclusive interview, Michael Malloy, executive vice president of products and strategy, discusses the report and how its key findings will likely play out in the year ahead.
Malwarebytes has long been a force in the consumer space, but now its focus is on enterprise breach remediation. In this video interview, Pedro Bustamante explains the enterprise strategy and discusses proactive malware hunting.
The discovery of a serious flaw in Linux's GNU C Library demonstrates just how long serious flaws can persist in code that underpins the Internet infrastructure, warns Dan Kaminsky of White Ops in this video interview.