A Hollywood hospital acknowledges paying ransom to unlock data seized by attackers. But while experts generally caution against paying extortionists, some organizations do indeed fold under the pressure to get their critical data back quickly.
Kevin Haley, a researcher at Symantec, says the moneymakers behind Dridex are successfully infecting thousands of users worldwide on a monthly basis, purely through spam - making Dridex the most dangerous banking Trojan on the market today.
Antonin Scalia's replacement could help push the Supreme Court to reinterpret the Constitution's Fourth Amendment to make it harder for the government to surveil citizens online and seize their records stored on servers maintained by cloud service providers.
New electronic payment methods lead to huge security challenges. Experts suggest initiatives including deploying standard security controls at all levels, mandatory breach disclosure, and sharing best practices to secure gateways.
Here's more evidence of how a data breach can have a major financial impact. The bill for U.K. telecom giant TalkTalk's October 2015 data breach could be as much as $94 million, and the incident resulted in the loss of 95,000 customers.
Who is responsible for fraud losses resulting from business email compromise? Texas-based AFGlobal Corp. is suing its insurance firm to settle this question. Experts weigh in on the lawsuit and why cyber insurance rarely covers losses from these scams.
"We never negotiate" might be the expectation whenever law enforcement or government agencies get targeted by criminals or even "cyberterrorists." But outside Hollywood, the reality too often turns out to be far less rigid.
Sophisticated phishing campaigns, increasingly targeted because of social media, are fueling business email compromises - a growing wire fraud scheme that is attacking businesses worldwide, says Jim Hansen of PhishMe.
The Ukrainian energy sector is being targeted by fresh phishing attacks, the country's computer emergency response team warns. But it's not clear who's behind those campaigns, or a recent malware infection at Kiev's main airport.
Why do we continue to be so stupid about how we use passwords? A review of 2015 data breaches finds that it's not just users of infidelity websites who remain reckless with their password choices.
Common mistakes enterprises make while prescribing a security or information assurance policy may result in big security flaws. CISOs must define security policies that are practical and enforceable, evolved through consensus with the business.
The latest strain of Android malware called SlemBunk tries to trick mobile banking application users into sharing their banking, social network and other credentials, as security experts see the number of mobile malware attacks continuing to increase.
Attorneys general in nine states say card issuers should move to chip-and-PIN, rather than chip-and-signature, as they roll out EMV. But are other issues, such as wider use of encryption and tokenization, more worthy of attention?
As the unfolding investigation into the Paris attacks shows, just sharing threat-related data - without adding the crucial context that turns it into actionable intelligence - won't help organizations block attacks.
Discussions I recently moderated around mobile security indicate that Indian practitioners have significant doubts about the effectiveness and applicability of mobile security solutions such as MDM and others.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.