The 10th annual IRISSCERT Cyber Crime Conference, to be held Thursday in Dublin, promises to round up crime trends and also offer updates on incident response lessons learned, spam fighting and even cybersecurity essentials for children.
A database security blunder revealed on Friday serves as a reminder that the days of SMS-based authentication should be over. The exposed database, which wasn't protected by a password, contained 26 million text messages, many of which were two-step verification codes and account-reset links.
Voting in the United States carries a huge privacy cost: states give away or sell voters' personal information to anyone who wants it. In this era of content micro-targeting, rampant misinformation and identity theft schemes, this trade in voters' personal data is both dangerous and irresponsible.
A new, free decryptor has been released for "aggressive" crypto-locking ransomware called GandCrab. Researchers say GandCrab has come to dominate the ransomware-as-a-service market, earning its development team an estimated $120,000 per month.
The United States will soon officially have a single agency that takes the lead role for cybersecurity. Congress has passed legislation to establish the Cybersecurity and Infrastructure Security Agency within the Department of Homeland Security. The measure awaits President Trump's signature.
French film production and distribution company Pathe fired the two senior managers overseeing its Dutch operations after they fell victim to a business email compromise scam and approved $21 million in transfers to fraudsters. Many organizations remain at high risk from such scams.
U.S. Attorney General Jeff Sessions resigned on Thursday at the request of President Donald Trump. While long expected, the move raises questions about the fate of an ongoing investigation into Russia's election hacking.
Once again, a supposedly secure service allegedly marketed to criminals has proven to have limits. Dutch police have busted a "cryptophone" operation, allowing them to decrypt more than 258,000 encrypted chat messages, leading to a drug lab bust, 14 arrests and the seizure of cash, drugs and weapons.
Although the EU's General Data Protection Regulation only went into full effect on May 25, its mandatory privacy breach notifications are already having an effect on the cyber insurance marketplace, says Thomas Clayton of Zurich Insurance.
As we approach 2019, is it realistic to think the end of our dependency on traditional user names and passwords is in sight? Shane Weeden, and authentication expert with IBM Security, discusses the future of authentication and why he's encouraged by the FIDO2 initiative.
With the U.S. midterm elections occurring on Tuesday, the "trump" keyword remains king for spammers. "Spam campaigners understand the value of brands, and for spam as for ballots, and whether for or against, the election is all about Trump," security firm Proofpoint says.
The latest edition of the ISMG Security Report features Kevin McDonald of the Mayo Clinic discussing how to secure connected medical devices. Plus, updates on the indictments of Chinese agents for hacking and the unveiling of the Financial Services Sector Cybersecurity Profile.
Radisson Hotel Group has suffered a data breach that resulted in the theft of data for its global loyalty program members. The company, which operates 1,400 hotels, says the breach touched data for "less than 10 percent" of all Radisson Rewards members, but it hasn't released a victim count.
Scammers behind an ongoing "sextortion" campaign have been emailing a legitimate password - likely from a publicly leaked list - to victims with a threat to release a compromising video of the recipient unless they pay up in bitcoins, Barracuda Networks warns.
This week's edition of the ISMG Security Report features an analysis of whether the U.K.'s fine of Facebook for the Cambridge Analytica scandal is just the beginning of regulatory enforcement action. Plus: A potential settlement of Yahoo breach lawsuit and tips on securing data in the cloud.