Why incident response is the best cybersecurity ROI

Most organizations will suffer one or more major security incidents in which an attacker has administrative control over the IT systems that enable business processes and storing critical data, according to the Microsoft Incident Response Reference Guide. Business leaders and IT executives aren’t expected to entirely prevent cyber attacks, but they’re expected to react immediately and […]

Mobile Device Makers Increasingly Embrace Bug Bounty Programs

With the rise of mobile threats and ubiquitous use of smartphones, mobile device makers are increasingly throwing their resources toward bug bounty programs to shore up the security of the devices. Samsung, which holds the largest market share for Android devices, launched a bug bounty program earlier this year, offering up to $200,000 per vulnerability discovered, depending on its severity. It […]

Why Hackers Are in Such High Demand, and How They’re Affecting Business Culture

News headlines often focus on the hackers who launch cyber attacks and leak confidential data such as National Security Agency exploits, sensitive political emails, and unreleased HBO programming, but hackers can also affect organizations in positive ways. White hat hackers (as opposed to black hats) increasingly are finding employment in companies as security researchers. From conducting penetration […]

Is a Good Offense the Best Defense Against Hackers?

Destruction, loss of data, intellectual property theft, fraud, embezzlement, disruption to business, restoration—globally, the costs of dealing with hacking are staggering. Yet under US law, it’s illegal to attack the hackers back. In February, a Georgia Republican introduced a bill to Congress to give legal protection to hacking victims who “hack back” at attackers. The […]

5 top machine learning use cases for security

At its simplest level, machine learning is defined as “the ability (for computers) to learn without being explicitly programmed.” Using mathematical techniques across huge datasets, machine learning algorithms essentially build models of behaviors and use those models as a basis for making future predictions based on newly input data. It is Netflix offering up new […]

Researchers’ tool uncovers website breaches

Researchers from the University of California San Diego (UCSD) designed a prototype system to determine if websites were hacked. They conducted their study and monitored over 2,300 sites from January 2015 to February 2017. In the end, the system detected 1 percent, or 19 sites, were compromised, “including what appears to be a plaintext password […]

How CSOs Can Adapt to the Changing World of Digital Risk

Picture this, a large organization has been hacked, compromising the financial information of millions of people. News headlines detailing similar stories are now frequent, causing the job description of CSO to rapidly expand. In the past, the main responsibility of this role has been managing the physical security of an enterprise. But in today’s dominantly […]

Russian-Speaking ‘MoneyTaker’ Group Helps Itself to Millions from US Banks

A Russian-speaking cybercrime group has stolen millions of dollars from more than 20 banks in the US and Russia since at least May 2016 and appears poised to strike financial institutions across Latin America next, Moscow-based Group-IB warned Monday. According to the security vendor, the so-called MoneyTaker group’s modus operandi has been to break into […]

Attacker ‘Dwell Time’ Average Dips Slightly to 86 Days

It now takes an organization just under three months on average to detect hackers embedded in their network, a modest improvement over years past. That’s one of the takeaways from data culled from 100 incident response investigations conducted by CrowdStrike this year. The security firm’s newly published Cyber Intrusion Services Casebook 2017 shows that organizations […]

NiceHash suffers security breach, around $70 million in Bitcoin stolen

NiceHash, one of the most popular crypto-mining marketplaces, has apparently suffered a breach that resulted in the theft of the entire contents of the NiceHash Bitcoin wallet. Read more about the NiceHash security breach on Help Net Security.