As the Indian government pushes ahead with ambitious IT projects, such as Digital India, a key foundation is security-enabled digital assets, J.A. Chowdary, an adviser for information technology for the government of Tamil Nadu, said Thursday at ISMG's Cybersecurity Summit in Mumbai.
Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim's files to create pressure to pay a ransom. Security experts say they're not surprised by this development, but note that given the different skills required, such tactics may not become widespread.
Twitter users no longer have to supply a phone number in order to use two-step verification for authentication. The move will better protect accounts from SIM hijacking attempts and also means users don't have to sacrifice some of their privacy to enable a security feature.
This edition of the ISMG Security Report features an analysis of the very latest ransomware trends. Also featured: Discussions of Microsoft's move to DNS over HTTPS and strategies for tackling IoT security challenges.
Target has filed a lawsuit against its long-time insurer, ACE American Insurance Co., in an attempt to recoup money it spent to replace payment cards as part of settlements over the retailer's massive 2013 data breach. Find out how much money the company is seeking.
Dopplepaymer ransomware, despite ongoing rumors, is not being spread via the Teams collaboration platform or BlueKeep remote desktop protocol flaws, Microsoft says. But it warns that the damaging crypto-locking code is being spread via stolen Active Directory administrator credentials.
Microsoft has outlined its plans for supporting the encryption of Domain Name System queries, which allows for more private internet browsing. The first step will be to upgrade connections to DNS over HTTPS, but allow admins to control DNS settings.
Multinational companies that must comply with widely varying privacy laws around the world should focus on a broad privacy strategy rather than a compliance strategy, says Vishal Salvi, CISO at Infosys.
While IoT devices are entering enterprises at a rapid pace, the security practices around them are as much as 20 years behind those for enterprise computing, says Sean Peasley of Deloitte, who outlines steps organizations can take to ensure safe IoT computing.
To help security practitioners address their cybersecurity challenges, ISMG is hosting a Cybersecurity Summit on Nov. 21 in Mumbai, best practices in tackling cybersecurity issues. Among the speakers: Loknatha Behera, Kerala's state police chief, and former Supreme Court Justice B. N. Srikrishna.
U.S. Sen. Bob Menendez has sent letters to the State Department and Twitter CEO Jack Dorsey raising concerns about the insider breach at the social media platform and the role that Saudi Arabia is playing in manipulating American tech firms to crack down on dissidents.
The Australian Parliament's computer network was compromised in January after politicians browsed a legitimate website that was compromised. The watering-hole style attack resulted in a small amount of non-sensitive data being revealed, according to the leader of the Senate.
Why try to hack Silicon Valley firms if you can buy off their employees instead? Such allegations are at the heart of a criminal complaint unsealed last week by the Justice Department, charging former Twitter employees with being Saudi agents. Experts say tech firms must hunt for employees gone rogue.