Hear ISMG editors untangle the various elements in the Shadow Brokers-Equation Group saga, evaluate a new anti-ransomware tool and reflect on the 10th anniversary of the PCI Security Standards Council in this edition of the ISMG Security Report.
In an in-depth interview, Ron Ross of the National Institute of Standards and Technology explains pending revisions of guidance on how organizations outside the U.S. government should protect sensitive federal data.
Cybercriminals wielding Locky crypto-locking ransomware are ramping up their assaults, especially in the healthcare sector, according to FireEye. Attackers are distributing less banking malware and more ransomware, researchers say.
The Equation Group leak revealed a zero-day flaw in Cisco's firewall software - a patch is being prepped - as well as a vulnerability in Fortinet's software that's since been patched. Has the U.S. government long known about the flaws?
Sam Lodhi, director at niche services firm IBRS, speaks about adapting biological cybernetics to help management understand information security risk better and how cybernetics can be applied to other verticals.
SWIFT screwed up. That's the takeaway from a new report into the Brussels-based cooperative, which alleges that the organization overlooked serious concerns relating to smaller banks' security and the risks they posed to the health of its entire network.
Vikrant Arora, CISO of NYC Health & Hospitals, offers the four most important questions a board must ask the CISO to get a good understanding of how the organization is addressing top cybersecurity concerns.
In mulling whether to designate the U.S. electoral system as critical infrastructure, the question arises whether those additional safeguards should focus solely on the voting process itself or be extended to other components, such as political parties.
Malware researcher Ivan Kwiatkowski unleashed ransomware on tech-support scammers after his parents stumbled across a site warning they'd been infected by Zeus. Despite the feel-good factor, however, security experts advise against hacking back.
If intelligence or law enforcement agencies know that an organization's information systems are being attacked, when should they alert the victim, if at all? What if the victim is a political party? Here's a look at the issues raised by the Democratic National Committee hack investigation.
Is the recent breach at HEI Hotels & Resorts linked to the hack of POS systems provider MICROS? And have other POS vendors been breached as well? Security experts offer their analysis and size up vendor vulnerabilities.
A lesson from down under: A report on unintentionally creating a distributed-denial-of-service attack aimed at oneself highlights the latest edition of the ISMG Security Report. Also, a report on interpreting HIPAA privacy standards more stringently.
An unparalleled mystery has piqued the security community's curiosity. A group calling itself the "Shadow Brokers" claims to have stolen code and exploits from the Equation Group, a nation-state spying group suspected to be affiliated with the NSA.