A discussion that explores the predicament many information security managers face when deciding which security technologies to buy in a glutted market leads the latest edition of the ISMG Security Report. Also: An update on cyber flaws in connected vehicles and the latest from Infosecurity Europe.
Russian anti-virus vendor Kaspersky Lab has filed two antitrust complaints against Microsoft in Europe, contending that the company has engineered Windows 10 to favor its preinstalled malware-fighting program, Windows Defender.
A just released update to the FFIEC's Cybersecurity Assessment Tool helps make meeting regulators' demands for "baseline" cybersecurity more attainable, says Amy McHugh, a bank adviser and former IT examination analyst for the Federal Deposit Insurance Corp.
Flaws in Subaru's telematics software, discovered by a security researcher, could have been exploited to unlock the doors or provide remote access to a car's location history. The problems - now fixed by Subaru - underscore carmakers' ongoing cybersecurity challenges.
The annual Infosecurity Europe conference returns to London this week, offering discussions of the latest information security practices, procedures and technologies as well as deep-dives into privacy, cybercrime, policing, surveillance, GDPR and more.
Kmart has suffered a data breach affecting "some, not all" of its 735 U.S. locations as a result of its point-of-sale systems being infected by malware designed to siphon payment card data. The retailer described the malware as "undetectable by current anti-virus systems and application controls."
Two researchers who launched a crowdsourced effort to subscribe to the Shadow Brokers' monthly leak of stolen Equation Group exploits - on behalf of the entire information security community - have dropped their effort, citing legal concerns.
Two security researchers are attempting to crowdfund a recurring subscription fee to Shadow Brokers' monthly exploit dump club in hopes of helping to prevent or blunt future outbreaks of the WannaCry variety. Cue ethical debate.
A cyber-espionage campaign apparently linked to Russia has targeted more than 200 people in 39 countries and leaked victims' stolen information - sometimes in altered form - as part of a disinformation campaign, according to privacy researchers at Citizen Lab.
Russian threat intelligence firm Group-IB alleges that North Korea is behind recent attacks against financial institutions in Europe employing fraudulent SWIFT messages. But other experts caution that such conclusions shouldn't be made solely based on technical data.
Chris Sibila of Elements Financial Credit Union says thwarting socially engineered schemes waged against call centers as well as debit fraud linked to card breaches spurred the financial institution to hire its first full-time fraud investigator, who's already helping to curb fraud losses.
Restaurant chain Chipotle Mexican Grill says customers' payment card data was stolen via point-of-sale malware installed at the vast majority of its more than 2,000 restaurant locations for more than three weeks.