Most companies have huge gaps in their cyber security defenses, and can be compromised at will by a determined hacker. The industry even has a term for it: "Assume Breach".
Join Roger A. Grimes, a 30-year computer security consultant, for this webinar where he explores the latest research on what's wrong with current...
The NIS Directive, effective since May 2018, aims to standardize the security practices of Essential Services entities and their digital service providers to better defend against cyber attacks. Privileged Access Management (PAM) is a critical aspect of cyber defense, and responds to many of the NIS Directive's most...
Insecure implementations of Remote Desktop Protocol have exposed organizations to serious risks of cyber attacks. Ransomware like SamSam and cryptominers like CrySis exploit insecure configurations, resulting in large and well-publicized breaches like the one that occurred at LabCorp. Because of the nature of Remote...
The Trump administration has launched a public awareness campaign, spearheaded by the National Counterintelligence and Security Center, urging the U.S. private sector to better defend itself against nation-state hackers and others who may be trying to steal their sensitive data or wage supply chain attacks.
Hundreds of members of the German parliament, Chancellor Angela Merkel as well as numerous local celebrities have had their personal details and communications stolen and leaked online as part of what authorities are calling an attack on the country's democracy and institutions.
Account takeover is a rapidly growing arena for cybercriminals. How can organizations strengthen both authentication and authorization? Scott Olson of iovation, a TransUnion Company shares his insights.
Facebook violated consumer protection law by failing to protect personal data that consumers thought they'd locked down, the District of Columbia alleges in a new lawsuit. Plus, Facebook is disputing a New York Times report that it ignored privacy settings and shared data with large companies without consent.
The latest edition of the ISMG Security Report features an analysis of the validity of reports that China is behind the massive Marriott data breach. Also: Fascinating details in a Congressional report on the Equifax breach, and a clear explanation of "self-sovereign identity."
An update on the hacking of email accounts of four senior aides within the National Republican Congressional Committee leads the latest edition of the ISMG Security Report. Also featured: An analysis of when the first major fines for violations of the EU's GDPR could be issued.
A batch of documents meant to be kept under court seal lays bare Facebook's strategic brokering of access to user data to reward partners and punish potential rivals. The material also demonstrates Facebook's views at the time on privacy and the risks of leaking data.
In the latest edition of the ISMG Security Report, hear prosecutors discuss the indictments of two Iranians in connection with SamSam ransomware attacks. Also: Updates on allegations that Google is violating GDPR and cryptocurrency's impact on crime trends.
As the global eCommerce market grows and fraudster methodology evolves, new fraud management approaches and tools are being introduced at a fast pace. Trying to stay on top of developments in the eCommerce fraud prevention landscape can be overwhelming and time consuming.
This guide is a comprehensive series of...
The financial services industry is in the midst of sweeping change. Earlier this year, we saw one of the latest shifts with the introduction of the European Union's revised Payment Services Directive (PSD2). PSD2's Strong Customer Authentication (SCA) section requires two factors for authentication.
The 10th annual IRISSCERT Cyber Crime Conference, to be held Thursday in Dublin, promises to round up crime trends and also offer updates on incident response lessons learned, spam fighting and even cybersecurity essentials for children.