The Trump administration has belatedly announced that hackers tied to the government of North Korea were behind the WannaCry ransomware outbreak that began in May and infected more than 200,000 endpoints across 150 countries. Why is the White House only now airing its attribution?
The latest ISMG Security Report leads with a report on a malware attack on an industrial safety system that experts contend could threaten public safety. Also, legislation giving DHS's cybersecurity unit a meaningful name progresses through Congress.
With just a few months left until the EU's General Data Protection Regulation will be enforced, too many so-called "experts" are spreading fear and falsehoods about the regulation, says Brian Honan, a Dublin-based cybersecurity consultant, who clarifies misperceptions in an in-depth interview.
A new U.S. law signed by President Donald Trump prohibits federal agencies from running anti-virus software from Moscow-based Kaspersky Lab. The company criticized the action, saying it's being singled out based solely on where its corporate headquarters is located.
Most of the criminal activity targeting today's enterprises originates at the endpoint, and the majority of modern breaches use known threats or vulnerabilities for which a patch already exists. For this reason, endpoint visibility must be complete and continuous.
Cybercriminals continue to rely on individuals who undertake the risky operation of moving illicit proceeds from one location to another. But these "money mules" face a multitude of risks, including imprisonment, police warn.
The latest ISMG Security Report features a special report on securing medical devices. Healthcare security leaders from the FDA, an academic medical center and a medical device manufacturer share their insights on the challenges involved.
The hacker to whom Uber paid $100,000 to destroy data and keep quiet about its big, bad breach is a 20-year-old man living in Florida, Reuters reports. But numerous questions remain about the 2016 breach, including whether the payment was a bug bounty, extortion payoff or hush money.
A 10-member government-appointed committee in India has drafted a white paper that includes recommendations for components of a new data protection law. The government is seeking feedback on the report through Dec. 31.
If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. That's the position of Terry Cutler, an ethical hacker who dedicates his time to testing organization's cybersecurity defenses - and their people.
As data breaches increase in scale and frequency, businesses must ensure an effective, swift and well-orchestrated response. To help them, ISMG on Wednesday and Thursday will host a Fraud and Breach Prevention Summit in Mumbai offering insights from 20 leading CISOs and many other experts.
Next year, the Singapore parliament will consider a cybersecurity bill that was revised after government officials reviewed numerous public comments on a draft version. The purpose of the bill is to establish a framework for the oversight and maintenance of cybersecurity in the government and the private sector.