India's Ministry of Electronics and Information Technology, or MeitY, plans to create a "challenge grant" program to support cybersecurity startup companies in an effort to encourage domestic development of innovative technologies.
Kaspersky Lab says it "inadvertently" scooped up classified U.S. documents and code from an NSA analyst's home computer, but suggests it wasn't the conduit by which the material ended up in Russian hands. It claims that the computer was riddled with malware.
The latest ISMG Security Reports leads with a top DHS cybersecurity leader, Jeanette Manfra, providing a case study on how information sharing helped mitigate the WannaCry attack in the U.S. Also, the SEC mulls toughening its cyber risk reporting requirements.
Rare, massive data breaches don't necessarily pose the greatest risk to organizations, according to a new study co-authored by Google researchers. Also beware of quiet pedestrian schemes - think phishing, keyloggers - and attack tactics unchanged since the mid-2000s.
All U.S. publicly traded companies should review how they internally disseminate breach information and expect to see revised cybersecurity guidance, says William Hinman, the director of corporation finance for the U.S. Securities and Exchange Commission.
Security practitioners must do a much better job of prioritizing their investments based on the most significant risks their organizations face, says Zulfikar Ramzan, chief technology officer at RSA, who offers insights on "fighting the right battle."
The former CEO of Yahoo, which has had 3 billion records exposed in a 2013 data breach, testified at a Senate hearing that it's tough for any corporation to defend against nation-state backed cyberattacks. That led senators to grill Marissa Mayer about the security steps Yahoo had taken.
The ISMG Security Report leads with a discussion about the sale of compromised remote desktop protocol credentials for as little as $3 on darknet marketplaces. Also, grading the performance of DHS in sharing cyberthreat information.
Fraudulent SWIFT money-moving attacks continue, as one of Nepal's largest private-sector commercial banks, NIC Asia Bank, says attackers tried to steal $4.4 million after hacking its SWIFT server. Most of the funds have since been recovered.
Equifax says four senior executives - including its CFO - did not know the company had suffered one of the worst breaches in history when they collectively sold about $1.8 million worth of shares. Equifax's board found that 12 days elapsed before the first of the four learned about the hack.
Nearly 50,000 personal records relating to Australian government employees as well as the employees of two banks and a utility were exposed to the internet due to a misconfigured Amazon storage server. The episode is the latest in a string of large breaches to hit Australia.
This monthly Security Agenda will highlight some of the most recent additions to our course library. This month's edition features Gartner's Avivah Litan on Attribution & Elections. Other influencers like David Pollino Bank of the West CSO, Art Coviello, former CEO, RSA Security, and Kenrick Bagnall, Detective...
The U.S. Justice Department has identified at least six members of the Russian government that investigators believe orchestrated last year's hack of Democratic National Committee computers and dumping of stolen information and may file charges next year, the Wall Street Journal reports.
Malaysia is grappling with a sweeping data breach that exposed 46 million mobile phone records, job seeker profiles and data from medical organizations. The breach, which may have occurred in 2014, is the largest Malaysian breach to ever become public.