The best approach to building a security policy is by using a comprehensive, layered approach that covers all threats (both new and known). This policy needs to leverage real-time threat intelligence by addressing all threat vectors and all platform types as workloads migrate from physical to virtual to...
The drop in value of stolen payment cards caused cyber criminals to adopt new tools, foremost among them ransomware. Having already caused a financial drain of $209,000,000 in just one quarter, organizations of all sizes are at risk.
Download this infographic to see:
Why ransomware-as-a-service is a new risk;
Intercontinental Hotels Group says that in addition to 12 hotels that it directly manages suffering a point-of-sale malware outbreak that began in 2016, 1,200 IHG-branded franchise hotel locations in the United States were also affected.
An analysis of British Home Secretary Amber Rudd's call for law enforcement to gain access to encrypted communications services, such as WhatsApp, leads the latest edition of the ISMG Security Report. Also, a preview of ISMG's Fraud and Breach Prevention Summit in San Francisco.
Following last week's Westminster attack in London, British Home Secretary Amber Rudd is demanding that police and intelligence agencies be given on-demand access to end-to-end encrypted communications services such as WhatsApp.
Although developed as a core technology underlying the infamous bitcoin, the blockchain ledger mechanism is proving to have a multitude of potential use cases, from IoT micropayments to capital market trading, retail banking and even voting. The bitcoin blockchain is, in effect, a distributed ledger, shared with...
Secure sockets layer (SSL) and transport layer security (TLS) have become an integral part of the internet, and adoption rates have skyrocketed. More than 45% of websites are encrypted today (up from 30% in October 2015) and 40-50% of enterprise traffic is encrypted, compared to just 25%-35% in 2013. This growth...
Under HIPAA, the theft or loss of encrypted computing or storage devices is not considered a reportable data breach. But a recent incident at a Kentucky-based healthcare organization demonstrates that making a determination on whether an incident is a reportable breach isn't always clear-cut.
A man who allegedly used a smartphone with a Tor proxy and VPN client to hide his online activities has been arrested and charged with narcotics distribution after U.S. Postal Service employees spotted him mailing large numbers of envelopes while wearing latex gloves.
A federal watchdog agency review of the Massachusetts Medicaid information security program identified weaknesses that appear to be common at government agencies as well as healthcare organizations. What key vulnerabilities were identified?
So far in 2017, hacking incidents continue to affect the largest number of individuals impacted by major health data breaches. Meanwhile, incidents involving unencrypted computing devices continue to decline, according to the federal breach tally.
A new release from WikiLeaks - of what's alleged to be classified material from the CIA - has seemingly exposed some of the agency's most sensitive hacking projects and malware capabilities. Technology experts are scrambling to assess the impact, as well as WikiLeaks' claims.
The European Union's General Data Protection Regulation, which will be enforced beginning in May 2018, will affect organizations throughout the world because it applies to any company that handles Europeans' personal data, says Fred Kost of HyTrust.
Researchers have demonstrated the first practical attack against the SHA-1 cryptographic hash function. While security experts had already recommended dropping SHA-1, some browsers and other security tools still rely on it.