Cyber-extortion attacks, especially those involving DDoS gangs that threaten disruptions unless the targeted organization pays a bitcoin ransom, are on the rise. Experts describe how organizations should respond to - and resist - these attacks.
Sophisticated phishing campaigns, increasingly targeted because of social media, are fueling business email compromises - a growing wire fraud scheme that is attacking businesses worldwide, says Jim Hansen of PhishMe.
How many networking vendors - like Juniper - have been selling devices with backdoors attackers could use to intercept and decrypt communications? Some networking giants say they've launched code reviews. But why are eight vendors staying silent?
Networking giant Fortinet warns that more products than it initially suspected have a hardcoded password that attackers could abuse to remotely gain backdoor access to vulnerable devices. But why did the flaws take so long to be found?
Banking institutions and associations are demanding that the Federal Financial Institutions Examination Council make significant changes to its Cybersecurity Assessment Tool. What action, if any, will regulators take in response?
Security experts are warning that Chinese networking product manufacturer TP-Link has been shipping routers with a WiFi password that's based on their MAC address, thus making their passwords easy for would-be attackers to sniff.
The Ukrainian energy sector is being targeted by fresh phishing attacks, the country's computer emergency response team warns. But it's not clear who's behind those campaigns, or a recent malware infection at Kiev's main airport.
Because of the U.S. migration to EMV, 2016 is expected to be a watershed year for mobile payment adoption, says Randy Vanderhoof of the EMV Migration Forum. Now, he says, the industry should be more focused on new applications hitting the market than on the number of adopters.
Security experts say the conclusions of an inspector general's report on how the Nuclear Regulatory Commission contracts the administration of security operation centers also applies to other government agencies and private businesses.
Extortion campaigns waged by cybercriminals are expected to become more damaging in 2016, putting additional pressure on CISOs to enhance protection of internal networks and educate employees about extortionists' techniques, says iSight Partner's John Miller.
Here's why the acquisition of rival threat-intelligence firm iSight Partners by breach investigation heavyweight FireEye makes sense, and why market watchers predict that other stand-alone intelligence firms will soon get snapped up.
Cyber insurance covers more than the cost of breaches of data privacy; it can play a role in protecting against the cost of a cyberattack that disrupts business operations, explains insurance specialist Tim Burke in this video interview.
A lawsuit filed against security firm Trustwave is raising questions about "PCI Professional Forensic Investigators" and how they are monitored by the PCI Security Standards Council. But experts say the onus is on companies, not the council, to ensure their security practices are adequate.
DataBreachToday announces its inaugural list of top influencers, reflecting the individuals and organizations who have the biggest impact - good or bad - on the data breach landscape and growing breach epidemic.