CISOs who want to keep more cyber-attacks from succeeding should focus on decreasing the half-life of vulnerabilities, which refers to the amount of time it takes half of all systems affected by a vulnerability to get patched. That's the advice from Qualys' Wolfgang Kandek.
Three years after hacktivists targeted U.S. banks with a series of DDoS attacks, the size and magnitude of attacks continue to grow, but they're now more likely to be designed to facilitate fraud. Here's an update on the status of banks' mitigation strategies.
Extortionists and "free agent" rogue insiders have emerged as the top two most malicious cybercrime threats to banking institutions, says Gartner's Avivah Litan. How should institutions bolster their defenses?
After Target's $67 million settlement with Visa to reimburse banks for expenses related to the retailer's 2013 breach, MasterCard confirms it is weighing a new deal. Will settlements derail a pending lawsuit against the retail giant?
What do successful but separate malware attacks against banking customers around the world, as well as the White House and health insurer Anthem, all have in common? Researchers say the answer is shockingly simple.
Security is a busy sector: Symantec jettisoned Veritas, Zscaler became a "unicorn" after its most recent funding round, and we have other M&A news from Cisco, Fidelity National Information Services and Proofpoint.
In a security landscape where the frenetic pace of technology has changed paradigms in ways organizations are struggling to cope with, Blue Coat's Hugh Thompson advises adopting a 'Degrees of Freedom' approach.
Instead of hacking into trading platforms, prosecutors say a gang stole confidential press releases, enabling traders to illegally earn $100 million. Security experts say it's time to review the "information supply chain."
In June 2012, restaurant chain Penn Station was among the first retailers hit by a POS breach linked to malware. Here, in an exclusive interview, President Craig Dunaway discusses the lasting impact of the breach.
The APT gang known as Darkhotel quickly tapped a Hacking Team exploit for Flash, Kaspersky Lab reports. But the gang's ongoing trickery shows that organizations must do more than just patch against the latest threats.
The U.S. Department of Justice has announced charges against nine people suspected of running an international insider-trading and hacking scheme predicated on stealing confidential press releases before publication.
A $46.7 million fraud scheme that hit Ubiquiti Networks Inc. shows the new & improved face of wire fraud - and just how easy it is for cybercriminals to fool employees into helping to pilfer their own enterprises.
Carphone Warehouse, a U.K.-based mobile phone retailer, is investigating a cyber-attack that may have breached personal information associated with up to 2.4 million customers, and card data linked to 90,000 accounts.
Neiman Marcus has asked a federal court to reconsider its decision to allow a consumer class-action suit to go to trial. If the retailer fails, legal experts say, it could mean a costly setback for breached entities.
The takedown of Gameover Zeus taught law enforcement and banks many lessons, including that Trojans are being used to steal corporate secrets, not just money, says Eward Driehuis of Fox-IT, which investigated the threat actors behind the Trojan.