Analysis: Huawei's US Trust Problem

Data Breach Today

The latest edition of the ISMG Security Report analyzes concerns about the use of Huawei equipment by U.S. telecommunications firms. Also featured: A Huawei executive discusses 5G security, plus an update on an Australian ransomware attack

Analysis: President Trump and 'The Server'

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of Donald Trump's comments about "the server" in a discussion with the president of Ukraine.

Analysis: New ISO Privacy Standard

Data Breach Today

What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues

Analysis: Strong vs. Weak Encryption

Data Breach Today

The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. Plus, D-Link's proposed settlement with the FTC and a CISO's update on medical device security

Analysis: Facebook Breach's Impact

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of the latest developments in Facebook's massive data breach and expert analysis of the potential for nation-state interference in the U.S. midterm elections

Analysis: Twitter's Phone Number Repurposing 'Mistake'

Data Breach Today

The latest edition of the ISMG Security Report analyzes Twitter's repurposing of user phone numbers for targeted advertising. Plus: A discussion of 5G security issues and findings of the Internet Organized Crime Threat Assessment

Analysis: The Texas Ransomware Mess

Data Breach Today

The latest edition of the ISMG Security Report analyzes the ransomware attack on Texas municipalities as part of a broader trend. Also featured: An initiative designed to safeguard the 2020 presidential elections and a CIO's third-party risk management efforts

Open Source Genomic Analysis Software Flaw Patched

Data Breach Today

A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions. Do Data Integrity Security Concerns Pose Potential Patient Safety Worries?

Malware Static Analysis

Security Affairs

Malware researcher and founder of Yoroi Marco Ramilli shared a simple tool for malware static analysis he used to perform massive Malware analysis research. By clicking on the desired table raw a modal popup will show you static analysis details such as, which YARA rule has been hit. You can make your analysis here: [link]. Malware Static Analysis. SecurityAffairs – Malware static analysis, malware).

Analysis: The Growth of Mobile Fraud

Data Breach Today

Brooke Snelling and Melissa Gaddis of iovation offer an analysis in this joint interview Why is fraud that originates on mobile devices growing at such a rapid rate?

138
138

Analysis: The Capital One Breach

Data Breach Today

The latest edition of the ISMG Security Report analyzes the root causes of the Capital One data breach. Also featured: breach remediation advice and compliance with New York's new third-party risk management requirements

The Ride-Along: Intelligence Analysis for Real Time Crime Centers

Data Breach Today

Learn about technologies and methods to more effectively and efficiently combat crime using intelligence analysis. Learn about technologies and methods to more effectively and efficiently combat crime using intelligence analysis

201
201

Analysis: Dark Web Arrests Also Led to Ransomware Disruption

Data Breach Today

and other law enforcement agencies appear to have led to the closure of the "Dream Market" dark web site, which, in turn, disrupted certain ransomware attacks, according to an analysis by incident response firm Coveware

Malicious PDF Analysis

Security Affairs

In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?” SecurityAffairs – PDF analysis, hacking). The post Malicious PDF Analysis appeared first on Security Affairs.

Analysis: Report on China Attacking Mobile Devices

Data Breach Today

This week's ISMG Security Report takes a close look at whether an iPhone hacking campaign may be linked to Android spying campaigns by China. Plus: Do ransomware gangs target organizations that have cyber insurance

Analysis: The Significance of GDPR Fines

Data Breach Today

The latest edition of the ISMG Security Report analyzes the significance of fines against British Airways and Marriott for violations of the EU's GDPR. Also featured are discussions of California's privacy law as a model for other states and the next generation of deception technologies

GDPR 201

Analysis: How Police Disrupted a Cryptomining Malware Gang

Data Breach Today

The latest edition of the ISMG Security Report offers an analysis of how French cyber police disrupted a cryptomining malware gang. Also featured: Apple's botched patching of a jailbreaking vulnerability; an industry veteran's insights on battling payment card fraud

Analysis: Apple's New Single Sign-On Feature

Data Breach Today

The latest edition of the ISMG Security Report describes Apple's newly announced single sign-on function that's built with privacy in mind. Plus, a discussion of the "other" insider threat and an Infosecurity Europe conference recap

Analysis: Fallout From the Snowden Memoir

Data Breach Today

The latest edition of the ISMG Security Report features a discussion of the controversies surrounding the release of whistleblower Edward Snowden's memoir. Also featured: An update on Lumen PDF's breach disclosure; insights on financial services identity management issues

2018 Health Data Breach Tally: An Analysis

Data Breach Today

Hacking Incidents Still Dominate, But Fewer Huge Incidents Than in Years Past Major health data breaches added to the official federal tally in 2018 impacted more than twice as many individuals as the incidents added to the list 2017.

UK Cyberattack Investigations: An Analysis

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of the results of over 1,000 cyberattack investigations in the U.K. Also: an update on the proposed NIST privacy framework and a report on voter registration information for sale on the dark web

Sales 143

Analysis: The Evolving Ransomware Threat

Data Breach Today

The latest edition of the ISMG Security Report offers an in-depth look at the ever-changing ransomware threat. Other topics: filling the DevSecOps skills gap and the repercussions of Australia's encryption-busting law

Wipro Attack Tied to Larger Phishing Campaign: Analysis

Data Breach Today

Upping the Ante on Anti-Analysis

Dark Reading

Attackers are becoming more sophisticated in their obfuscation and anti-analysis practices to avoid detection

112
112

Analysis: The Impact of Business Email Compromise Attacks

Data Breach Today

This week's ISMG Security Report analyzes the cost of business email compromise attacks and the recent arrest of dozens of suspects. Also featured: updates on the easy availability of low-cost hacking tools and the latest payment card fraud trends

Analysis: Health Data Breach Tally Trends

Data Breach Today

Here's an analysis of the latest statistics and the reasons behind the trends

Avoiding Critical Security Risk Analysis Mistakes

Data Breach Today

Privacy attorney Adam Greene provides tips for avoiding mistakes when conducting a HIPAA security risk analysis and spells out the essential steps to take

Risk 125

Analysis: Draft CCPA Regulations Fail to Clarify Ambiguities

Data Breach Today

Draft regulations to carry out the California Consumer Protection Act do not go far enough to clarify ambiguities in the law, which goes into effect Jan. 1, 2020, says privacy attorney Sadia Mirza of the law firm Troutman Sanders, who encourages organizations to submit comments on the proposed regs

Analysis: Russian Misinformation Campaign

Data Breach Today

The latest edition of the ISMG Security Report offers an update on how Russian bots and trolls are spreading misinformation on vaccines via social media - and the public health impact of the campaign. Plus: Tips on disaster recovery, internet of things security

White House National Cyber Strategy: An Analysis

Data Breach Today

Security Experts Examine Administration's Document and Rhetoric A national cybersecurity strategy document released by the White House last week - along with comments from a top Trump administration official that the U.S.

Analysis: Anthem Data Breach Settlement

Data Breach Today

Some terms of the recent $115 million settlement in the class action lawsuit against health insurer Anthem tied to a 2015 cyberattack appear underwhelming for the victims, says attorney James DeGraw, who explains why

Analysis: Verizon's Breach Report 2018

Data Breach Today

Verizon's latest Data Breach Investigations Report shows that half of data breaches in 2017 worldwide were orchestrated by organized cybercriminal groups, says Verizon's Ashish Thapar, who offers an in-depth analysis of the findings

Malware Analysis for Blue Teams

Data Breach Today

At a time when security professionals are faced not only with a barrage of threats, but with a myriad of threat intelligence data sources, it can be challenging to know when to stop an investigation. Join DomainTools Senior Security Engineer Tarik Saleh to learn essential methodologies from a blue team perspective

Using Machine Data Analysis to Detect Fraud

Data Breach Today

Jade Catalano of Splunk Discusses Early Detection Methods Connecting the dots between disparate forms of machine data can prove to be valuable in discovering fraud patterns, says Jade Catalano of Splunk, who explains how

158
158

Risk Analysis Requirement Survives 'Meaningful Use' Revamp

Data Breach Today

But current program requirements for conducting a security risk analysis would stick CMS Proposes Major Overhaul of EHR Incentive Program, Emphasizing Interoperability Federal regulators are proposing an overhaul to the "meaningful use" electronic health record incentive program.

CMS 130

ISO 27001: Gap analysis vs. risk assessment

IT Governance

What is a gap analysis? An ISO 27001 gap analysis gives organisations an overview of what they need to do to meet the Standard’s requirements. Download now >> The post ISO 27001: Gap analysis vs. risk assessment appeared first on IT Governance Blog.

Risk 78

Government Spending on Cybersecurity: An Analysis

Data Breach Today

Around the world, many CIOs at various levels of governments expect an increase in cybersecurity spending in 2019, according to new research from Gartner. Alia Mendonsa, co-author of the report, analyzes the results of a global survey