Even if China fails to live up to its promise to stop pilfering corporate trade secrets, as America's spy chief predicts, the U.S. could still benefit diplomatically from the two nations' cybersecurity agreement.
In addition to having a dedicated individual or team responsible for privacy matters, organizations must ensure their information security and IT staffs are knowledgeable about data privacy issues, says Trevor Hughes, CEO of the International Association of Privacy Professionals.
The commoditization of attack infrastructure and services in the cyber-criminal underground, and the low cost and ease of launching targeted attacks, are growing concerns that require new defense strategies, says Trend Micro's Raimund Genes.
Cybercrimnals are now using the Dyre and Dridex banking Trojans to gather massive amounts of data about individuals and companies that could enable them to track patterns of behavior, which might later help them evade intrusion detection, says Fox-IT's Eward Driehuis.
The hotel chain bearing 2016 U.S. presidential candidate Donald Trump's name has confirmed that its point-of-sale systems were malware-infected for more than a year, but it's downplaying the possibility that card data was exfiltrated or used to commit fraud.
Defeating biometrics-based security with far-fetched schemes, such as stealing or replacing eyeballs and fingertips, is a recurring theme in the movies. But real-world advances in authentication will help make it difficult to circumvent real-world security.
Europe's successful migration to EMV, which began more than a decade ago, employed deadline shifts, education for cardholders and merchants and an approach based on PIN codes. Here are lessons for the in-progress U.S. migration to EMV.
The U.S. and China, as part of a cybersecurity agreement, have agreed not to conduct or knowingly support cyber-enabled theft of intellectual property with the intent of providing competitive advantages to companies or commercial sectors.
Security experts warn about a trio of new threats: GreenDispenser cash-out malware, the Shifu banking Trojan being spread via malvertising attacks and Neutrino crimeware getting an upgrade to steal payment-card data.
The severity of the U.S. Office of Personnel Management breach continues to grow, with investigators now reporting that hackers stolen 5.6 million people's fingerprint data. The theft may have security implications well into the future.
The number of apps infected in the first large-scale Apple App Store malware outbreak is far higher than was first believed, according to the cybersecurity firm FireEye, which reports that at least 4,000 apps were infected with XcodeGhost malware.
The attacks have evolved, breaches have multiplied, and serious security gaps have been exposed. But what most concerns FireEye President Kevin Mandia? The rise of nation-states as leading threat actors.
Amid some controversy, a national encryption policy draft was withdrawn by the Indian government within days of its release for public comment. Security experts say the draft reflects a lack of clarity and needs more work.
Responding to U.S. government criticism of China over its persistent online economic espionage campaigns, Chinese President Xi Jinping says that the Chinese government does not hack other nations, or support Chinese companies that do so, and calls for those responsible for cyberattacks to be prosecuted.
For years, information security experts have been warning users to create complex, unique passwords, and organizations to secure them properly. But an analysis of 12 million cracked Ashley Madison passwords shows how much we're still failing.