A jury's decision to award $940 million in damages to electronic health records software vendor Epic Systems, which had sued India's Tata Consultancy Services alleging theft of trade secrets, serves up lessons about the importance of restricting access to all sensitive data, including intellectual property.
Attackers have been exploiting JBoss application servers to install remote-control web shells as part of a campaign that targets enterprises with network-hopping SamSam (a.k.a. Samas) ransomware, researchers at Cisco Talos warn.
A cybercrime gang has been using new malware to target business customers of banks in the United States and Canada and steal millions of dollars, primarily from business accounts, researchers at the IBM X-Force security group warn.
Russian authorities have reportedly sentenced Dmitry "Paunch" Fedotov, the developer of the notorious Blackhole exploit kit that's been linked to large amounts of fraud, to seven years in prison - an unusually severe sentence for online crime in that nation.
Is it ever acceptable for ransomware victims to pay a ransom to obtain the decryption key required to restore access to their data? Due to poor preparation, many organizations continue to face that question.
Backed by its own logo, Badlock refers to a set of critical Samba vulnerabilities in Windows and most Unix/Linux operating systems, which attackers could exploit to launch man-in-the-middle attacks against corporate networks.
A British man who pleaded guilty to selling homemade distributed denial-of-service attack tools reportedly used to carry out more than 600,000 attacks has escaped jail time, with a judge calling him "young and naïve."
Security experts are once again warning all Flash users to either update or uninstall the browser plug-in software to protect themselves against active exploit kit attacks that are targeting a zero-day Flash flaw to install ransomware.
A court has approved settlement of a class-action lawsuit filed by employees of Sony Pictures in the wake of its massive 2014 breach. But some legal experts say the consumer protections provided in the settlement do not go much beyond what the company should have routinely provided to victims in the wake of a breach.
New guidance from the National Institute of Standards and Technology could help make it easier and less expensive for organizations to encrypt and decrypt some forms of data, including Social Security and credit card numbers.
The massive 'Panama Papers' leak demonstrates how law firms are at risk from internal and external attackers seeking to access confidential information. Experts offer insights on how these firms, and others, can better defend their clients' secrets.
The Federal Reserve will carefully scrutinize the security components of proposals it's receiving this month for technologies that can be used to enable faster payments in the United States. That's because a key issue in moving to faster payments is mitigating the greater risk of fraud.
Luxury hotel chain Trump Hotels is investigating a possible breach that some security sources say targeted the chain's point-of-service system. If confirmed, it will be the second card breach suffered by the chain in less than a year.
The massive "Panama Papers" data leak apparently was enabled by a law firm failing to have the right information security defenses in place. The breach calls attention to the need for all organizations to encrypt sensitive data, use access controls as well as monitor access patterns for signs of data exfiltration.
Security experts worldwide are sorting through the implications of the so-called "Panama Papers" leak, involving 11.5 million records. The documents highlight an elaborate web of offshore holdings that everyone from heads of state to celebrities and fraudsters have allegedly used to hide billions of dollars.