Latest

Biometrics: Authentication Silver Bullet or Skeleton Key?

Jeremy Kirk  •  May 25, 2017

Biometric identification is increasingly being woven into our lives, from immigration crossings to smartphones. But the systems are far from foolproof. Here's what to watch.

Big Data

Why Big Data, Machine Learning Are Critical to Security

Varun Haran  •  May 23, 2017

Big data and machine learning will play increasingly critical roles in improving information security, predicts Will Cappelli, a vice president of research at Gartner, who describes the reasons why.

Data Breach

After Outlasting Sweden, WikiLeaks Founder's Fate Murky

Jeremy Kirk  •  May 22, 2017

Sweden has ended a seven-year rape investigation against WikiLeaks founder Julian Assange. But it's far from the end of the legal troubles for the man whose spilling of secrets has shaped world politics.

Anti-Malware

US Congress Picks Up Pace on Cybersecurity Legislating

Eric Chabrow  •  May 19, 2017

Reports on how the U.S. Congress is taking steps to toughen cybersecurity lead the latest edition of the ISMG Security Report. Also, an analysis of a Government Accountability Office study on the IoT landscape and the security threats facing the internet of things.

ATM Fraud

Police Bust ATM Black Box Hacking Suspects

Mathew J. Schwartz  •  May 18, 2017

Police in Europe have arrested 17 suspects as part of an EU-wide investigation into ATM black box attacks, Europol says. These "jackpotting" or "cash-out" attacks use rogue hardware to trick ATMs into dispensing all of their cash on demand.

Fraud

Is WannaCry the First Nation-State Ransomware?

Jeremy Kirk  •  May 16, 2017

As computer security analysts begin to unwind the mystery behind the global wave of WannaCry ransomware, a familiar name has surfaced: Lazarus, the nickname for a suspected elite North Korean hacking group.

Anti-Malware

Before WannaCry, Cryptocurrency Miners Exploited SMB Flaw

Mathew J. Schwartz  •  May 16, 2017

Weeks before the WannaCry outbreak, other attackers unleashed malware that targeted the same SMB flaw in Windows. But instead of installing ransomware, this campaign instead infected endpoints with Adylkuzz cryptocurrency mining software, security researchers say.

Anti-Malware

Assistant to the President Makes Bold Cybersecurity Declaration

Eric Chabrow  •  May 16, 2017

The words of Assistant to the President Thomas Bossert, who boldly pledges to outdo previous administrations on improving federal government cybersecurity, lead the latest edition of the ISMG Security Report. Also, Microsoft's exasperation with the NSA over WannaCry ransomware.

Ransomware

Disney Is the Latest Cyber Extortion Victim

Mathew J. Schwartz  •  May 16, 2017

Disney is reportedly being targeted by cyber-extortionist hackers who have threatened to release a stolen, prerelease copy of the movie studio's fifth "Pirates of the Caribbean" film unless they receive a ransom, payable in bitcoins.

Endpoint Security

Post-WannaCry, Microsoft Slams Spy Agency Exploit-Hoarding

Jeremy Kirk  •  May 15, 2017

Microsoft's chief legal officer has slammed U.S. spy agencies, warning that civilians are at risk if governments stockpile libraries of software vulnerabilities that eventually fall into the hands of cybercriminals.

Business Continuity/Disaster Recovery

Ransomware: Your Money or Your Life

Mathew J. Schwartz  •  May 15, 2017

Criminals have long aimed to separate people from their possessions. So for anyone who follows ransomware, the WannaCry outbreak won't come as a shock. Nor will longstanding advice for surviving ransomware shakedowns: Prepare, or prepare to pay.

Ransomware

NHS Denies Widespread Windows XP Use

Mathew J. Schwartz  •  May 14, 2017

The massive WannaCry outbreak has led to allegations that some sectors and organizations, such as Britain's National Health Service, were widely infected because of widespread Windows XP use. In fact, unpatched Windows 7 systems may be partly to blame.