Reports of incidents related to fake SMS purportedly from income tax department have surfaced forcing cyber cops as well as CERT-In to issue advisory. This comes at a time when the income tax filing season is on.
With the rise of the industrial internet of things comes a far broader attack surface in the manufacturing sector. Chris Morales of Vectra outlines findings of a new report on cyberattack trends in the manufacturing sector.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
An analysis of the privacy issues Amazon will face as it dives deeper into the healthcare business leads the latest edition of the ISMG Security Report. Also featured: A preview of ISMG's Security Summit in New York Aug. 14-15.
Securing the public cloud is not as challenging as it used to be, but too many organizations are still taking the wrong approach, says Microsoft's Jonathan Trull. Understanding the shared responsibility model for security is critical, he says.
Security silos persist because stakeholders within the enterprise security ecosystem are focused on their own key performance indicators, says Abdallah Zabian of DXC Technology, who suggests a more holistic approach is needed.
The EU's General Data Protection Regulation has significantly raised privacy awareness worldwide in the brief time that it's been in force, says Rob Hinson of OneTrust. Organizations are revamping both internal and external privacy programs to meet the minimum global standard, he says.
Hubris has a new name: Bitfi. The cryptocurrency wallet-building company, backed by technology eccentric John McAfee, earned this year's not-so-coveted Pwnies Award for "Lamest Vendor Response" for how it mishandled security researchers' vulnerability disclosures. Bitfi has promised to do better.
The Forum of Incident Response and Security Teams recently announced the release of new training resources to help organizations build and improve product security incident response teams. Damir "Gaus" Rajnovic of FIRST discusses the global need for these resources.
Espionage: Every nation does it. But for nation-state hacking that targets intellectual property or interference in political affairs, the U.S. has been using criminal indictments against individuals as a diplomatic way of saying: "We see what you're doing, now knock it off." But does it work?
The FIN7 cybercrime gang regularly phoned victims, posing as buyers, to trick victims into opening phishing emails and attachments with malware, federal prosecutors allege. The group's success - 15 million stolen payment cards and counting - is one measure of how difficult these types of attacks are to block.