More hackers are exploiting remote-access and network vulnerabilities, rather than installing malware to invade networks and exfiltrate data, says Dell SecureWorks' researcher Phil Burdette. That's why conventional breach-detection tools aren't catching the intrusions.
International law enforcement agencies are warning banking institutions and businesses about extortion attacks being waged by an entity known as DD4BC, or DDoS for Bitcoin. They're advising organizations not pay any ransom and to notify their ISPs and law enforcement officials of any threats.
Information security experts offer two timely Apple iOS device reminders: First, never jailbreak the devices. Second, enterprise security managers must ensure that they ruthlessly block any jailbroken devices from accessing corporate networks because they pose a security risk.
Former U.S. Secret Service agent Shaun W. Bridges has pleaded guilty to stealing $820,000 worth of bitcoins during the U.S. government's investigation into the underground narcotics marketplace known as "Silk Road."
Because of commercial and governmental pressure to increase the use of electronic banking, cybersecurity risk is now the biggest challenge facing Singapore's financial institutions, says Lena NG of Clifford Chance.
Underground cybercrime forums continue to evolve, offering services ranging from cybercrime toolkits and money laundering to bulletproof hosting and a service that reviews exfiltrated data for corporate secrets, says cybersecurity analyst Tom Kellermann of Trend Micro.
Beyond APT30, another advanced threat group appears to be at work in India and the SEA region, targeting critical information assets. However, APT resiliency is not yet a part of the security lexicon, experts say.
The FBI has arrested a former manager at Machine Zone, which makes the multiplayer "Game of War: Fire Age," over allegations that he attempted to bargain sensitive corporate information for a better severance package.
With a majority of ATMs continuing to run on archaic WinXP platforms, questions arise around why these devices are not being built secure by design. EPS COO Prakash Joshi on ATM security challenges and developments.
The National Cyber Security Policy promotes public-private partnerships, but little progress has been made to nurture them. What are the key ingredients, and how can security leaders seed these efforts?
CISOs who want to keep more cyber-attacks from succeeding should focus on decreasing the half-life of vulnerabilities, which refers to the amount of time it takes half of all systems affected by a vulnerability to get patched. That's the advice from Qualys' Wolfgang Kandek.
Breached dating site Ashley Madison is offering a $500,000 reward for information relating to the attack. The FBI, which is leading the investigation, is treating the breach as a national-security matter.
What's Silicon Valley secret that helps innovative startups to thrive and grow? And how does the startup ecosystem in India compare? Here is the story of Fixnix - The Silicon Valley-based GRC startup from India.