Ashley Madison, the extramarital online hookup service breached by attackers in 2015, has agreed to bolster its information security and data retention practices after regulators in Australia and Canada ruled that the site violated local privacy laws.
Hear ISMG editors untangle the various elements in the Shadow Brokers-Equation Group saga, evaluate a new anti-ransomware tool and reflect on the 10th anniversary of the PCI Security Standards Council in this edition of the ISMG Security Report.
SWIFT screwed up. That's the takeaway from a new report into the Brussels-based cooperative, which alleges that the organization overlooked serious concerns relating to smaller banks' security and the risks they posed to the health of its entire network.
Vikrant Arora, CISO of NYC Health & Hospitals, offers the four most important questions a board must ask the CISO to get a good understanding of how the organization is addressing top cybersecurity concerns.
Malware researcher Ivan Kwiatkowski unleashed ransomware on tech-support scammers after his parents stumbled across a site warning they'd been infected by Zeus. Despite the feel-good factor, however, security experts advise against hacking back.
An unparalleled mystery has piqued the security community's curiosity. A group calling itself the "Shadow Brokers" claims to have stolen code and exploits from the Equation Group, a nation-state spying group suspected to be affiliated with the NSA.
FireEye CEO Kevin Mandia has blamed his company's lower-than-expected quarterly revenue on the rise of ransomware and cyber extortion attacks and a decline in APT campaigns. Experts debunk those assertions.
A new research project called Amnesia tackles the password management problem by not storing full data in any one place where it can be hacked. But does this proposed solution truly offer better password security?
It's easy to look at the payments landscape and see only the flaws. But payment card security has come a long way in the past 10 years, thanks in large part to the PCI Data Security Standard. How will card security be refined in the coming decade?
In today's environment, federal and state regulators come at breached companies from all angles, with requests for investigative information, breach response plans and fines. Attorney Deborah Gersh explains why so many agencies stake their claims in breach response.
Obviously, ransomware attackers have no scruples. But the latest attacks go to even further extremes, channeling everything from Hitler to cats, as attackers hone their attempts to shake down Windows and Android users alike.
The apparent breach of a system support portal used by Oracle MICROS to remotely access and service MICROS point-of-sale systems has raised more questions than answers. What actually happened? Which data was compromised? And who waged the attack?
Unlike other malware, ransomware practically screams and shouts at victims, and that distinct behavior holds promise for helping to better detect and block ransomware infections, according to Northeastern University security researchers.