Much of the friction between CISOs and their general counsels, according to Ron Raether, partner at Troutman Pepper, is the result of ignorance. General counsels don't understand the full extent of IT and information security and often pin the blame on the CISOs, who become the scapegoats.
Hackers are attempting to infect a consumer-grade Wi-Fi router model with Mirai botnet malware following the discovery of zero-days in the device in a December hacking competition. TP-Link released a patch in mid-March. Telemetry shows infections in Eastern Europe and elsewhere.
An obscure routing protocol codified during the 1990s has come roaring back to attention after researchers found a flaw that would allow attackers to initiate massive distributed denial-of-service attacks. Researchers from Bitsight and Curesec say they found a bug in Service Location Protocol.
Six individuals - including five former employees of a Tennessee healthcare organization - have pleaded guilty to criminal HIPAA violations in an alleged scheme involving the sale of motor vehicle accident patient information to third parties. One of the defendants has been sentenced so far.
Iranian hackers are deploying an updated backdoor apparently targeting Israeli academic researchers with an interest in Iraq. A group's newly dubbed "Educated Manticore" is sending Iraq-themed bait to coax deployment of an implant known as PowerLess.
OT attacks have doubled. Mark Cristiano, global commercial director of cybersecurity services at Rockwell Automation, discusses how organizations can develop a strategic approach to OT security that aligns with their risk profile, cyber maturity and ability to absorb change.
ISMG editors are live at RSA Conference 2023 in San Francisco with an overview of the latest speakers and hot topics, including the continuing conversation about generative AI and the decline and fall of blockchain. Join us for daily updates from San Francisco.
Cybersecurity is "a full-time task" that requires a lot of discipline, says Ajay Sabhlok, CIO and chief digital officer at Rubrik. He discusses tips for increasing your company's cyber maturity, ideas about how CIOs and CISOs can align, and advice on what not to do, such as pay a ransom.
An Indian court convicted 11 people for their roles in the North Korean heist of $13.5 million in 2018 from Pune-based Cosmos Cooperative Bank. The United Nations attributed the thefts to North Korea, which uses criminal activity, including financially motivated hacking, to obtain hard currency.
The United Kingdom should augment its cryptocurrency asset seizure abilities as part of an effort to combat ransomware and other cybercrime, a parliamentary panel heard. The rate of seizures is not commensurate with the level of crypto adoption, said Aidan Larkin, CEO of Asset Reality.
Quantum computers and chatbots, as well as hype around blockchain, were topics discussed during The Cryptographers' Panel at RSA Conference 2023. For anyone who needs to keep data secure for more than 30 years, advice from panelist Adi Shamir was simple: Don't rely on public key cryptography.
ChatGPT is "amazing" and "has reformed the way we interact with computing," says Nikesh Arora, chairman and CEO of Palo Alto Networks. But to get value from AI and to use it to make the SOC more proactive, we need to have a lot of data - and pay attention to what it's telling us, he says.
Testifying before Congress in 1991, Winn Schwartau coined the term "electronic Pearl Harbor." The chief visionary officer of The Security Awareness Company stands by his prediction, pointing to a mounting number of attacks. Now the world needs to worry about security and privacy in the metaverse.
ChatGPT may be grabbing headlines, but many security practitioners are still skeptical about AI. ISMG editors at the RSA Conference 2023 in San Francisco discuss the hot topics this year, from the looming risk of the metaverse and our reality to the latest approach to cloud development.
The high-profile Equifax breach happened nearly six years ago. Jamil Farshchi, CISO of Equifax, discusses how the firm invested $1.5 billion, hired new staff and improved governance to prevent future attacks, but he says security organizations need to enter a new era of cooperation and transparency.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing fraudtoday.io, you agree to our use of cookies.