Latest

Cybercrime

Cybercrime Markets Sell Access to Hacked Sites, Databases

Mathew J. Schwartz  •  September 21, 2018

One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks. But a number of cybercrime markets sell such access, in some cases for as little as 50 cents.

Business Continuity Management / Disaster Recovery

Scotland's Arran Brewery Slammed by Dharma Bip Ransomware

Mathew J. Schwartz  •  September 21, 2018

Scotland's Arran Brewery fell victim to a Dharma Bip ransomware attack that infected its Windows domain controller and crypto-locked files and local backups, leading to the loss of three months' worth of sales data. The brewery refused to pay the attackers' two bitcoin ransom demand.

►

Business Email Compromise (BEC)

Business Email Compromises Fuel Procurement Fraud

Nick Holland  •  September 21, 2018

Business email compromises have been at the center of a number of procurement fraud scams, says Allan Stojanovic, a security architect and analyst at the University of Toronto, who describes the fraud and why it's so difficult to thwart.

►

Cybersecurity

Defending Against Next-Generation DDoS Attacks

Nick Holland  •  September 21, 2018

DDoS attacks have increased significantly in scale via IoT botnet attacks. Gary Sockrider of Netscout Arbor discusses best practices for dealing with this significant threat.

►

Anti-Fraud

Using Machine Data Analysis to Detect Fraud

Nick Holland  •  September 21, 2018

Connecting the dots between disparate forms of machine data can prove to be valuable in discovering fraud patterns, says Jade Catalano of Splunk, who explains how.

General Data Protection Regulation (GDPR)

When Will GDPR Show Its Teeth?

Nick Holland  •  September 21, 2018

The latest edition of the ISMG Security Report takes a look at the EU's General Data Protection Regulation, including the outlook for enforcement and common misconceptions about its provisions.

Data Breach

'Magecart' Card-Sniffing Gang Cracks Newegg

Jeremy Kirk  •  September 20, 2018

Online retailer Newegg is investigating a malware attack that may have stolen customers' payment card details for more than a month. Security firms have traced the heist to Magecart, a loose affiliation of cybercrime gangs also tied to payment card data breaches at British Airways and Ticketmaster.

►

Breach Notification

Canada Prepares for New Breach Notification Era

Tom Field  •  September 20, 2018

November 1 ushers in a whole new era of breach notification requirements for Canada. What are the new standards, and how prepared are Canadian organizations? Attorney Imran Ahmad shares insights.

Breach Preparedness

Cybercrime: 15 Top Threats and Trends

Mathew J. Schwartz  •  September 19, 2018

Criminals operating online continue to target cryptocurrencies, leverage phishing and other social engineering attacks, as well as tweak age-old scams - including Nigerian prince emails - for the modern age. So warns Europol in its latest Internet Organized Crime Threat Assessment.

►

Breach Preparedness

New Hacker Exploits and How to Fight Them

Nick Holland  •  September 19, 2018

Hackers are constantly developing new exploits, and updating defenses is not an easy task. Dan Larson of Crowdstrike discusses some the new techniques hackers are using and how to fight them off.

►

Fraud

The Need for Security Collaboration

Nick Holland  •  September 19, 2018

Today's cybercriminals don't operate in silos, so why do companies? Saba Shariff of Symcor discusses techniques for greater collaboration on security.

►

General Data Protection Regulation (GDPR)

GDPR: The Global Impact on Privacy

Nick Holland  •  September 19, 2018

Richard Henderson of Infosec Global discusses the impact of the European Union's General Data Protection Regulation and how the law is influencing privacy frameworks globally.