A former cybersecurity analytics specialist at health insurer Anthem, which experienced a massive data breach, offers insights on key steps organizations should take to avoid becoming the next breach victim in the headlines.
A sloppy spamming operation has exposed on a server in the Netherlands a batch of files that includes more than 700 million email addresses and some associated account passwords. It's perhaps the largest batch of email addresses ever found in one spot.
Password security guidance: Do block users from picking commonly used passwords. But to avoid a usability nightmare, don't block users from picking any password that's ever been seen in a data breach, security experts advise.
Hackers have been targeting the Scottish Parliament in a "brute force cyberattack" aimed at guessing users' email passwords. Security experts say it's unlikely that state-backed attackers would resort to such a blunt assault.
Healthcare organizations can learn important lessons - including the need for granular data access control - from the costly proposed settlement of the breach lawsuit against health insurer Anthem, says Bill Fox, a former federal prosecutor.
It's a red-faced moment for FireEye. The company says an investigation reveals that an attack against an analyst's personal online accounts was enabled by the employee's continued use of compromised login credentials.
Expert speakers at ISMG's Fraud & Breach Prevention Summit in Delhi will tackle such important subjects as assessing organizational breach preparedness, early detection via effective threat hunting, leveraging machine learning to protect data and the latest breach trends.
A new report into the state of consumer routers by Carnegie Mellon researchers is unsparing in its criticism: It's a market of lemons, and virtually all of the test models had security problems. What's the solution?
The working group set up by the ministry of finance has released its recommendations for shaping the computer emergency response team in the financial sector, prescribing an exhaustive cybersecurity framework to help organizations prevent breach incidents.
Opportunistic attackers may have breached some Parliament email accounts by brute-force guessing their way into accounts with weak passwords. But such a breach is hardly the "cyberattack" some are making it out to be.
The back story behind the ransom attack that led to the unauthorized early release of the Netflix series "Orange Is the New Black" is a cautionary tale in dealing with cyber extortionists such as The Dark Overlord.
Microsoft has sought to get in front of a brewing controversy over whether it unfairly disables third-party anti-virus products in Windows 10. The company is seeking to dampen charges that are reminiscent of its years-long legal tangles with global antitrust regulators.