In August of 2012, a group called "Cutting Sword of Justice" claimed responsibility for an attack using the Shamoon virus on 30,000 work stations at the Saudi oil giant, Aramco. The virus corrupted files and left machines unusable, shutting down the company's administration for a week. For CIOs, Shamoon and other...
What truly affects the cost of a data breach?
Ponemon Institute's latest study of 350 organizations around the globe details both the cost and impact of data breaches, with breakdowns by industry and in the United States.
Security expert Alan Woodward is warning that enterprises should ditch RC4 after researchers demonstrated practical attacks that demolish the crypto that's widely used in enterprise WiFi devices and for TLS.
Put your personal feelings aside; what's dangerous about the AshleyMadison.com breach is that ideologists will now go beyond taking down an IT system and actually destroy a business. This evolution, says cybersecurity expert Carl Herberger, requires a new way to assess and mitigate risk.
DNS hijacking is the most common attack being investigated by Akamai's incident response team, says APAC CTO Mike Smith. He shares some background on the subject and his session on it at RSA Conference APAC.
Robin Slade of the Santa Fe Group says current vendor risk evaluation methods are inefficient. She advocates peer collaboration through shared assessments of vendors to help improve management of third-party risks.
Security researchers reported a zero-day bug to Microsoft - which has patched the flaw - after reverse-engineering details were contained in a bug hunter's sales pitch to hacked surveillance software vendor Hacking Team.
After the OPM breach, the U.S. and China recently agreed to hammer out a cyber "code of conduct." But John Pescatore, a director at the SANS Institute, argues that governments would be better served by first jointly combating cybercrime.
Shed a tear for enthusiasts of aging Microsoft Windows operating systems. That's because Microsoft has now retired Windows Server 2003 support, as well as anti-virus scanner and signature updates for Windows XP. But breaking up can be hard to do.
With Microsoft ceasing support for Windows Server 2003, security experts are warning organizations to quickly migrate to a new operating system and, in the meantime, lock down any servers that continue to use the aging operating system.
In-the-wild attacks have been found targeting at least one of two new zero-day Flash flaws leaked by Hacking Team's hacker. Separately, cyber-espionage APT attackers have been targeting a new Java flaw.
This document describes the business problems which privileged access management systems are intended to address. It goes on to describe best practices for defining and enforcing policies regarding discovering systems on which to secure access to sensitive accounts, updating and storing privileged passwords and...
Although they apparently weren't caused by cyber-attacks, the impacts of computer failures at the New York Stock Exchange, United Airlines and the Wall Street Journal have much in common with the aftermath of breaches.
FBI Director James Comey says he has faith in American technological ingenuity to overcome obstacles and give law enforcement the ability to access and decrypt data on the devices of criminals and terrorists.