This week's top reported breach incidents, including the report by Hold Security warning that a Russian cyber gang had breached 1.2 billion passwords, all have one thing in common: They leave numerous questions unanswered.
Expect every new warning of cybercrime attacks, online espionage or the malware du jour to be slickly marketed, with the announcements carefully timed. But is this bad for either the information security community or attackers' victims?
A report that a Russian hacker group dubbed "CyberVor" is hoarding more than 1 billion stolen passwords triggered worldwide concern, but security experts caution that scant details have been revealed, making the threat tough to judge.
Today's sophisticated attackers use ever-stealthier malware and zero-day exploits to evade traditional security defenses, making organizations increasingly vulnerable to advanced persistent threats (APTs). These APTs seek to exfiltrate critical data over the long term.
A Russian cyber gang has breached over 420,000 web and FTP sites to pilfer over 1.2 billion credentials, according to Hold Security, saying it discovered "what could be arguably the largest data breach known to date."
Target Corp.'s net breach expenses not covered by insurance are expected to total $146 million for its most recent three quarters following the company's massive December 2013 data breach that compromised payment card information.
Cybersecurity researchers at the Georgia Tech Research Institute are developing a tool known as BlackForest that amasses information from the Internet to give organizations an early warning of a pending cyber-attack.