Security budgets continue to grow, but is it enough?
By: Sarah White Cybersecurity is an increasing concern in the enterprise as the number of high-profile breaches reported only grow each year. In 2015, there were a reported 781 data breaches in the U.S., making it the second highest year for security threats, according to data from the ISACA. And 40 percent of those data […]
U.S. says cybersecurity skills shortage is a myth
By: Patrick Thibodeau The U.S. government has released what it claims is myth-busting data about the shortage of cybersecurity professionals. The data points to its own hiring experience. In October 2015, the U.S. launched a plan to hire 6,500 people with cybersecurity skills by January 2017, according to White House officials. It had hired 3,000 […]
Security experts divided on ethics of Facebook’s password purchases
By: Mario Korolov Last week, Facebook CSO Alex Stamos told conference attendees in Lisbon that the company buys stolen passwords on the black market, and some security experts are questioning the ethics and benefits of this approach. “Paying for stolen passwords only reinforces the criminal business model and further encourages hackers to steal passwords,” said […]
Is critical infrastructure the next DDoS target?
By: Taylor Amerding The massive Distributed Denial of Service (DDoS) attack last month on Dyn, the New Hampshire-based Domain Name System (DNS) provider, was mostly an inconvenience. While it took down a portion of the internet for several hours, disrupted dozens of major websites and made national news, nobody died. Nobody even got hurt, other […]
Docker, machine learning are top tech trends for 2017
By: Paul Krill With 2017 fast approaching, technology trends that will keep gathering steam in the new year range from augmented and virtual reality to machine intelligence, Docker, and microservices, according to technology consulting firm ThoughtWorks. In its semiannual Technology Radar report published Monday, ThoughtWorks calls out four IT themes growing in prominence: Virtual reality […]
Why IoT devices are the ‘unusual suspects’ in DDOS attacks
By: Clint Boulton Recent cyberattacks that harnessed digital devices to cripple websites confirm the concerns cybersecurity experts have long expressed about the threat posed by the internet of things (IoT). Many connected corporate devices, from VoIP phones and connected printers to smart video conferencing systems, have outdated firmware and can be hacked in minutes, according […]
Darkweb marketplaces can get you more than just spam and phish
By: Ryan Francis The underground market Underground markets offer a great variety of services for cyber criminals to profit from. These forums offer items ranging from physical world items like drugs and weapons to digital world items such as spam/phishing delivery, exploit kit services, “Crypters”, “Binders”, custom malware development, zero-day exploits, and bulletproof hosting. The […]
Microsoft fleshes out seismic change to Windows patching
Gregg Keizer Microsoft has elaborated on the new patching policy for Windows 7 and Windows 8.1 that takes effect Tuesday. In a post to a company blog accompanied by graphics that resembled a periodic table, Michael Niehaus, a product marketing director for Windows 10, fleshed out the massive change in how Windows 7, the standard […]
Business transformation proves to be a catalyst for cybersecurity spending
By: George Hulme As enterprises accelerate their use of cloud computing, online services, and ready themselves for internet of things deployments, they are finding themselves strained to find the cybersecurity talent and security tools needed to secure these efforts. That’s one of the most important takeaways from the Global State of Information Security Survey (GSISS) […]
Diversified supply chain helps ‘Vendetta Brothers’ succeed in criminal business
By: Maria Korolov Even smaller criminal groups are using smart business tactics to help insulate them from risk, such as the Vendetta World online shop, which sells credit card numbers. According to a report released today by FireEye, the two criminals behind this operation are using relatively sophisticated business practices to evade prosecution and diversify […]