Blunting Yahoo's attempt to blame nation-state attackers for its record-breaking breach, security firm InfoArmor says it's traced the 2014 hack to a cybercrime gang that's quietly resold the stolen data several times over.
Vulnerable internet-connected devices have been unwittingly drafted into electronic battle for DDoS attacks that have escalated to a new intensity in recent weeks.
A new cyberattack trend report from Europol notes that while online criminals continue to refine their capabilities, old and unsophisticated attacks too often still succeed, thanks to poor digital hygiene and a lack of security by design and user awareness.
The Australian Bureau of Statistics blames IBM for failing to stop distributed denial-of-service attacks that crippled its website on the evening of the country's largest-ever online census. But were census-takers misinterpreted as DDoS attackers?
Several civil lawsuits have been filed against Yahoo over the compromise of 500 million accounts. But such lawsuits have a mixed record of success in U.S. federal courts.
The more than 11,000 financial institutions that use the SWIFT interbank messaging network must annually prove they comply with its new cybersecurity standards or face being reported to regulators and business partners.
Cloud computing has already led to a fundamental shift in the enterprise computing paradigm, and security now needs to follow, says Gartner's Steve Riley, who shares recommendations.
The latest ISMG Security Report leads off with a segment in which Managing Editor Jeremy Kirk explains that the massive Yahoo breach not only exposed the accounts of a half-billion customers, but also the weaknesses in the way enterprises employ hashed passwords.
Hillary Clinton and Donald Trump ventured into new territory for their first presidential debate: cybersecurity. It marked one of the few subjects on which both candidates broadly agreed, although the exchange was marked with sharp jabs and an interesting attribution theory from Trump.
Most enterprises, when addressing mobile security, focus on securing applications, such as the devices' operating systems, or preventing the installation of malware. But NIST cybersecurity experts say organizations should take a much broader approach to ensuring mobile security.
In the face of evolving cyberthreats, organizations of all sizes need a more resilient cybersecurity architecture. Michael Kaczmarek of VeriSign describes how to achieve this resiliency.
As pressure to speed the development of applications intensifies, CISOs must be the "voice of reason," taking a leadership role in ensuring security issues are addressed early in app development process, says John Dickson, principal at Denim Group, a Texas-based security consultancy.
Asked to explain the compromise of 500 million of its users' accounts, Yahoo appears to be trying to blame Russia. Of course, that would be an easy face-saving exercise for a publicly traded firm currently negotiating its $4.8 billion sale to Verizon.
Security expert Sean Sullivan isn't surprised that the massive 2014 breach of Yahoo, which exposed at least 500 million account details, only recently came to light. Here's why, as well as what users must learn from this breach.
Yahoo's disclosure of 500 million stolen accounts, one of the largest-ever data breaches, comes after months of dark-web chatter that indicated the company may be the next victim following Twitter, LinkedIn and Dropbox.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.
