The group of hackers who recently claimed to have hacked the CIA director's personal email account now says it has breached an FBI information-sharing portal. So far, the group has released contact information for about 2,400 law enforcement users.
Buoyed by massive illicit profits, cybercriminals have continued to refine their ransomware attacks, including updating their crypto techniques to foil decryption tools, encrypting file names and threatening to leak stolen secrets.
The National Institute of Standards and Technology has issued a Guide to Application Whitelisting that provides step-by-step instructions on deploying automated application whitelisting to help prevent malware from accessing IT systems.
In a video interview, Bob Carr of Heartland Payment Systems offers a frank assessment of missteps in the wake of the processor's landmark 2008 data breach, and he calls for widespread use of end-to-end encryption.
The U.K. government's response to whistleblower Edward Snowden's warnings that the U.S. and Britain had created a massive surveillance state has been to attempt to codify and expand those surveillance powers while also debating oversight and related matters in public for the first time.
The quantity and duration of distributed denial-of-service attacks continue to increase. The latest attacks are being launched via MySQL servers infected with Chikdos malware, as well as compromised Internet-connected CCTV systems, researchers say.
In this video interview, Mike Weber of Coalfire Labs discusses ways that healthcare organizations can develop strategies for easily sharing patient data among clinical professionals using a variety of devices while protecting that data from attackers.
British police have arrested a third suspect in connection with the hack attack against telecommunications provider TalkTalk. Separately, Vodafone UK also issued an alert of a breach, which it traced to reused passwords.
Even though the U.S. is migrating to the EMV chip, Visa is still stressing the need for merchants to comply with the PCI Data Security Standard, says Eduardo Perez, the card brand's senior vice president of payment risk, in this video interview.
LifeLock says it has reached a tentative agreement on a settlement with the FTC regarding alleged information security shortcomings and other issues. It says it's also reached agreement on a proposed settlement of a related consumer class action lawsuit. The stock market reacted favorably to the announcements.
Too many companies lack an understanding of the business ramifications of cyber threats, says Juanita Koilpillai, president of the Digital Risk Management Institute. In a video interview, she describes why business owners and insurance companies must work together to develop modern cyber risk management programs.
British police have arrested a 15-year-old boy in connection with the suspected hack of TalkTalk. Security experts say that if a teenager was responsible, it's going to be difficult for the communications firm to prove that it takes customers' data security seriously.
Cyberattacks are challenging our current methods of defense, says Lance James, a global cyber intelligence adviser at the consultancy Unit 221b. In a video interview, he discusses the changes in tools and skills that must be made to fend off fast-moving adversaries.