How will federal banking regulators respond to growing criticism of the FFIEC's Cybersecurity Assessment Tool? A new FDIC publication leads some experts to believe no new guidance is forthcoming. Here's why.
Over a three-month period in 2015, a single cybercrime gang managed to earn at least $330,000 in bitcoins thanks to an estimated 670 victims paying attackers to decrypt ransomware-infected systems. Should police be doing more to stop these attacks?
President Obama is creating a federal CISO post as part of a multifaceted initiative aimed at strengthening the nation's IT security. His plan includes forming a public-private Commission on Enhancing National Cybersecurity and boosting government cybersecurity spending by 35 percent.
The U.S. government is probing an apparent cybersecurity lapse that allowed a hacker to obtain and release contact information for more than 20,000 FBI employees and 9,000 other Department of Homeland Security employees.
The banking malware known as Carbanak continues to evolve, and cybercriminals are now using it to wage APT-style attacks against banks as well as companies in other sectors, according to security researchers at Kaspersky Lab.
Have Russian authorities collared the cybercrime gang responsible for the notorious Dyre malware? Related attacks ceased after authorities raided a Moscow-based production company developing a movie called "Botnet," Reuters reports.
Who is responsible for fraud losses resulting from business email compromise? Texas-based AFGlobal Corp. is suing its insurance firm to settle this question. Experts weigh in on the lawsuit and why cyber insurance rarely covers losses from these scams.
The rise in RFID-based contactless payment cards has led to increased concerns that fraudsters could wirelessly crack cards' secret cryptographic keys. But a team of MIT researchers has debuted defenses against such hack attacks.
The trend across industries is that automation results in a drastic reduction of operational job roles, even as it brings in economies of efficiency. What then does automation in security mean for the profession?
A new breach of customer accounts at luxury retailer Neiman Marcus is, once again, putting the spotlight on the vulnerabilities created by relying only on usernames and passwords for online authentication, and the risks posed by storing customer information.
The new EU-U.S. data transfer agreement will be called "Privacy Shield." Beyond that, however, the actual details of the agreement - and whether it will pass muster with the EU's privacy commissioners or high court - appear to be a work in progress.
Landry's Inc. now reveals the broad scope of point-of-service malware attacks against its restaurants and other properties dating back to 2014 and 2015. Experts discuss factors that could have contributed to the breaches.
Law enforcement and intelligence agencies will have plenty of chances to snoop on criminals, terrorists and citizens even as communications vendors enable default encryption on mobile devices, a study from Harvard University says.
British bank HSBC warned customers on Jan. 29 that it's been defending itself against distributed denial-of-service attacks, just two days before a major U.K. tax deadline. Security experts say botnet-driven disruptions of U.K. sites have risen sharply.