The cybercrime sector involves a rapidly growing services economy that provides everything from bulletproof hosting and stresser/booter DDoS on demand, to ransomware-as-a-service and sites that offer to launder bitcoins via a process known as tumbling.
Two men have been arrested by Israeli police, at the request of the FBI, in connection with an investigation into the vDos site, which provided distributed denial-of-service - a.k.a. stresser or booter - attacks on demand.
Those who embrace good cyber hygiene in their personal lives are likely to be more aware of information security on the job as well, says Steve Durbin of the Information Security Forum, who'll deliver a keynote address at Information Security Media Group's Fraud and Breach Prevention Summit in Toronto.
The breach of porn site Brazzers - which allows users to swap fantasies in online forums - begs the question of how many users employed throwaway usernames and passwords. Some 1,446 U.S. military and 41 U.S. government email addresses were found in the data dump.
Vikrant Arora, CISO of NYC Health & Hospitals, offers the four most important questions a board must ask the CISO to get a good understanding of how the organization is addressing top cybersecurity concerns.
A lesson from down under: A report on unintentionally creating a distributed-denial-of-service attack aimed at oneself highlights the latest edition of the ISMG Security Report. Also, a report on interpreting HIPAA privacy standards more stringently.
A new research project called Amnesia tackles the password management problem by not storing full data in any one place where it can be hacked. But does this proposed solution truly offer better password security?
Implementing a successful cybersecurity strategy in light of advanced threats calls for operationalizing three key principles: visibility, identity and risk, says Zulfikar Ramzan, chief technology officer at RSA.
The Turkish government, following the failed military coup against it, has blocked access to the whistleblowing website WikiLeaks after it published nearly 300,000 emails tied to the country's ruling party. WikiLeaks says it accelerated the information release to protest "post-coup purges."
The 2016 RSA Conference Asia Pacific & Japan, to be held July 20-22 in Singapore, will offer a security road map, imparting lessons to practitioners to help them navigate through cybersecurity complexities. Here's a preview of some of the top session.
The federal agency that enforces HIPAA has been very busy lately, taking numerous steps to reiterate the importance of safeguarding patient data and stressing the need to prepare a breach response plan. But the agency still needs to improve transparency on breaches involving business associates.
As CSO and CTO of Arbor Networks, Sam Curry is in a rare position: He can set security strategy and then go out and find the tools to execute it. Where does the human factor enter the equation, and how must we re-think our traditional strategies?
As many as 250,000 credentials for Remote Desktop Protocol servers around the world may have been offered for sale on the now-shuttered xDedic cybercrime marketplace. So what can organizations do to mitigate related risks and avoid a major network intrusion?
Despite police disrupting alleged DDoS extortion gangs such as DD4BC, inexpensive stresser/booter services have enabled copycats to continue these attacks, says Akamai's Martin McKeay. Here's how organizations can defend themselves.