E-commerce retailers face an ongoing battle: Their websites are constantly hit by bots using stolen credentials to try to take over accounts. What can companies do to protect themselves? Akamai's Michael Smith offers advice.
As Europe counts down to implementing its General Data Protection Regulation, which will require EU-wide data breach notifications for the first time, similar efforts to enact a single federal law in the United States remain stalled.
LinkedIn failed to force all users to reset their passwords after a 2012 breach of at least 6.5 million credentials came to light. But it turns out the breach actually compromised 167 million accounts. Whoops.
For years, we have been talking about why corporate boards of directors should pay much greater attention to the issue of information security. Could a new cybersecurity assessment app help get board members involved?
Just six months after law enforcement agencies coordinated a takedown to disrupt online banking credential theft linked to the banking Trojan Dridex, the malware has re-emerged with new attack tactics and new targets, researchers say. U.S. bank accounts and businesses are now primary targets.
A report that the $81 million Bangladesh Bank heist was linked to customized malware has raised questions about the security of SWIFT transactions. But the more critical issue, fraud experts say, is the need for banks to have proper security controls in place to detect and prevent network intrusions.
What could be worse than a ransomware infection? How about getting infected by "torture ransomware" that uses a sadistic puppet to taunt you, slowly deleting your encrypted files while increasing the ransom demand until you pay?
A recent spate of spam emails has been tricking users into installing JavaScript-based downloaders, which then download and install Locky and TeslaCrypt ransomware, Microsoft warns. Security experts detail top defenses.
Apple's QuickTime media player and web browser plug-in should be immediately expunged from all Windows systems, security experts warn, in a reminder of the dangers of using outdated software - especially web browser plug-ins.
Even with the exponential increase in what technology can achieve in fighting security threats and fraud, a recent discussion with practitioners suggests that insider risk remains the biggest issue giving practitioners sleepless nights.
Enacting legislation to compel tech companies to help law enforcement decrypt data on mobile devices would diminish America's standing as a moral leader in the world, a nation looked up to by billions of people, even with our many flaws.
Tools and techniques need to be identified to aid law enforcement in gathering evidence from devices, such as smartphones, while safeguarding the security and privacy of individuals. Can stakeholders find that middle ground?
As ISMG's Data Breach Summit Asia 2016 in Bangalore wrapped up, security practitioners seemed excited to seek answers from experts on the challenges bothering them while putting a breach response plan in place.
nullcon has made a name for itself with its forward-looking philosophy - "The Next Security Thing!" We take a look at some of the hot sessions and events slated to take place at the security marathon this year.
It's springtime in San Francisco: cue the annual RSA Conference. Here are some notable trends that have already emerged from the event, ranging from ransomware and phishing attacks to hacker self-promotion and Facebook fakery.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.