The German digital association, Bitkom, recently announced that the cost of IT equipment theft, data breaches, digital and industrial espionage, and sabotage is expected to reach a staggering 206 billion euros ($224 billion) in 2023. more
Hackers breached a Kansas Department of Commerce data system used across multiple states and gained access to more than 5.5 million Social Security Numbers, according to local news sources. more
President-elect Donald J. Trump has named Thomas P. Bossert, a top national security aide under President George W. Bush, to be his homeland security adviser, the Trump transition team announced Tuesday morning," Michael D. Shear reporting in the New York Times. more
Two factor authentication that uses an uncopyable physical device (such as a cellphone or a security token) as a second factor mitigates most of these threats very effectively. Weaker two factor authentication using digital certificates is a little easier to misuse (as the user can share the certificate with others, or have it copied without them noticing) but still a lot better than a password. Security problems solved, then? more
FlyHosting had been open for business since November 2022 and was used for malicious activities such as hosting malware, botnet controllers, and carrying out DDoS attacks. more
Security analysis suggest troubling and escalating trends in the development of malware that exploits vulnerabilities on mobile devices. "From turning mobile devices into bots, to infiltration of mobile applications, driven by the use of personal devices in the workplace, cybercriminals are taking full advantage of this market," reports M86 Security Labs in its just released Threat Predictions Report. more
The European Commission has launched a new public-private partnership on cybersecurity expected to trigger €1.8 billion ($2B) of investment by 2020. more
Leading French presidential candidate Emmanuel Macron's campaign confirmed on Friday a "massive" computer hack that dumped its campaign emails online less than two days before the election. more
For all of us at Public Interest Registry, working to remove child sexual abuse content from the Internet isn't just a part of our work; it's our moral duty. As stewards of the .ORG community, addressing the problem head on is the only option compatible with our values. Talking about Child Sexual Abuse Materials (CSAM) is challenging and uncomfortable. It's also far too important, and prevalent, of a problem to ignore. While it's impossible to know exact numbers, online CSAM is a major, rapidly growing crisis. more
A group of ISPs on wednesday told U.S. Congress that passing new cybersecurity rules affecting broadband and mobile service providers is counterproductive and should be resisted. Jason Livingood, vice president of Internet systems engineering at Comcast, during a hearing before the U.S. House of Representatives Energy and Commerce Committee's communications subcommittee, said: ISPs have "strong incentives" to secure their networks and invest heavily in cybersecurity because of competition. more
As governments convene to discuss the UN Cybercrime Treaty, Google is urging caution, warning that the current draft could endanger online security and free expression. more
A report, released today by McAfee, Inc., titled "Security Takes the Offensive," says that traditionally, security technology companies and computer users have taken a defensive posture, putting the cyber equivalent of body armor on computers, networks and in the cloud. The report's authors say it is now time to avoid enemy strikes altogether by taking a more aggressive stance, aligning forces and involving law enforcement. more
In follow up to reports on ICANN's termination of notorious domain name registrar, EstDomains due to fraudulent activities, the Internet oversight agency is now preparing to transfer domain names of its customers to other registrars... However the question asked by experts is whether any other registrar would have an interest in inheriting EstDomains questionable domain names. more
The UK cares about its citizens' privacy to the tune of a $229 million (US) fine of British Airways for a breach that disclosed information of approximately half a million customers. It's exciting -- a significant fine for a significant loss of data. I think GDPR will lead to improved security of information systems as companies scramble to avoid onerous fines and start to demand more from those who provide information security services and products. more
Cybercriminals are continuing to exploit human nature and relying on familiar attack patterns such as phishing, and increase their reliance on ransomware, where data is encrypted and a ransom is demanded, according to Verizon 2016 Data Breach Investigations Report released today. more