War stories, part 2: Cutting the phishing lines

Phishing is becoming more sophisticated and personalized. In the past, would-be phishing victims often received generic emails instructing them to sign a contract or take action to renew their expired credit cards. But now, a campaign might be continually refined so that it targets a single person, making it much more effective than the traditionalRead more

Ransomware attacks will persist even though WannaCry has died down

The WannaCry ransomware swept through Europe and Asia in mid-May, locking the critical systems of the National Health Service in the U.K., Telefonica in Spain and many other organizations around the world, unless they paid the Bitcoin fine it demanded. However, WannaCry infections were quickly brought under control as malware researchers identified several preventive measures and mitigation techniquesRead more

War stories, part 1: Cyber sentinels on call 24/7

Look away for just one second, and you risk infection. This was a key piece of wisdom provided by Sam McLane, head of security engineering at Arctic Wolf Networks, during a recent webinar titled "War stories from the trenches – case studies from a security ops perspective." McLane opened up with a timely sentiment: thatRead more

What you need to know about NIST Small Business Cybersecurity Act

Small and medium-sized businesses have been a focal point in recent discussions about cybersecurity, and for good reason: More than half of the data breach victims referenced in Verizon's Data Breach Investigations Report 2017 were companies with 1,000 or fewer employees. According to recent research cited by DarkReading, one-third of SMBs offer no form of cybersecurity trainingRead more

How SMB banks can defend against SWIFT breaches

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) messaging system has frequently made headlines in the past year, and usually not for good reasons: In 2016, more than $80 million was stolen from Bangladesh Bank via rogue SWIFT transfers. While SWIFT's actual infrastructure was not breached in this case, local bank offices in Bangladesh wereRead more

Hungry hungry HIPAA: Dealing with an influx in noncompliance fines

As if health care organizations didn't have enough IT woes on their hands, courtesy of ransomware and other cyberthreats, HIPAA compliance breaches are on the rise. According to Diagnostic Imaging contributor Rachel V. Rose, there were at least three examples of notable compliance breaches in April, one of which resulted in a $400,000 fine. TechnicallyRead more

Understanding data breaches in 2017

The current threat landscape is immensely challenging for cybersecurity professionals, who must account for a broad spectrum of risks posed by individuals outside and inside their organizations. It is not just hacking or malware that now regularly enable attacks against today's firms: There are also the openings provided by social networks, weak passwords and basicRead more

The scourge of cybersecurity isn’t hacking – It’s a skills shortage

This post explains the challenges inherent in locking down security talent, and explores alternative solutions to fill these voids.

Got a case of alert fatigue? Discover the cure

In the realm of cybersecurity, the vast swaths of available solutions and the resources required to manage them appear to be more trouble than they’re worth.

WannaCry ransomware continues to spread globally like wildfire

In the early hours of Friday, May 12, cyber criminals released ransomware dubbed “WannaCry” (aka WannaCryptor) that disrupted the services in multiple hospitals, telecom companies, universities, and car manufacturing plants across Europe. Within 24 hours, this strain of ransomware has spread across 150 countries, locking up more than 200,000 computers. Businesses are bracing for the worstRead more