Latest

Breach Preparedness

Perth Mint Says 3,200 Customers Affected By Data Breach

Jeremy Kirk  •  September 19, 2018

If you're going to hack, why not go for the gold? That appears to have been the impetus behind an unusual data breach at the government-owned Perth Mint in Western Australia, which says personal details for 3,200 customers stored in an old database were compromised.

►

Breach Preparedness

New Hacker Exploits and How to Fight Them

Nick Holland  •  September 19, 2018

Hackers are constantly developing new exploits, and updating defenses is not an easy task. Dan Larson of Crowdstrike discusses some the new techniques hackers are using and how to fight them off.

►

Fraud

The Need for Security Collaboration

Nick Holland  •  September 19, 2018

Today's cybercriminals don't operate in silos, so why do companies? Saba Shariff of Symcor discusses techniques for greater collaboration on security.

►

General Data Protection Regulation (GDPR)

GDPR: The Global Impact on Privacy

Nick Holland  •  September 19, 2018

Richard Henderson of Infosec Global discusses the impact of the European Union's General Data Protection Regulation and how the law is influencing privacy frameworks globally.

►

Application Security

Managing Open Source Risks

Nick Holland  •  September 19, 2018

Open source and third-party components help developers build and deploy applications faster. But with increased speed comes greater risks, says Chris Eng of CA Veracode, who offers insights on mitigating those risks.

General Data Protection Regulation (GDPR)

GDPR Compliance: Common Misconceptions

Marianne Kolbasuk McGee  •  September 19, 2018

Attorney Elizabeth Harding clears up confusion about certain provisions of the EU's General Data Protection Regulation, including the issue of when organizations need to obtain a European consumer's consent to process their data.

Encryption & Key Management

Intel Patches Firmware Flaw That Leaks ME Encryption Keys

Jeremy Kirk  •  September 14, 2018

Intel has had a challenging time lately on the vulnerability front. It has issued yet another patch for its Management Engine after a researcher was able to extract two types of encryption keys. The problem was a repeat of one that Intel patched just last year.

Breach Response

Equifax Breach: Key Lessons Learned

Nick Holland  •  September 14, 2018

The latest edition of the ISMG Security Report features an analysis of a new Government Accountability Office report on the causes of last year's massive Equifax breach. Also: An update on the role of tokenization in protecting payments.

Cybercrime

Romanian Hacker 'Guccifer' to Be Extradited to US

Mathew J. Schwartz  •  September 13, 2018

A Romanian court has ruled that the notorious hacker "Guccifer," who discovered the existence of Hillary's Clinton's private email server, will be extradited to the U.S. to serve a 52-month prison sentence after he finishes serving a seven-year sentence in his home country.

Cybercrime as-a-service

Russian Pleads Guilty to Operating Kelihos Botnet

Mathew J. Schwartz  •  September 13, 2018

Russian national Peter Levashov, who was arrested in Spain last year and extradited to the U.S., has admitted to a two-decade crime spree that included running multiple botnets that harvested online credentials while also pumping out spam, banking Trojans and ransomware.

General Data Protection Regulation (GDPR)

Fresh GDPR Complaints Take Aim at Targeted Advertising

Jeremy Kirk  •  September 13, 2018

A web browser startup, Brave, has filed complaints in Europe alleging Google and other behavioral advertising companies are violating Europe's GDPR. Brave's complaints could set up one of the biggest battles so far over how personal data gets used - or abused - for targeted advertising.

►

Authentication

The Role of Password Management

Tom Field  •  September 13, 2018

Password management is a critical component of a security strategy that some organizations still find challenging, says Gerald Beuchelt of LogMeIn Inc.