Russian authorities have reportedly arrested a man believed to be the author of the Blackhole exploit kit, widely used by cybercriminals to exploit vulnerabilities in Web browsers and other software to infect user computers with malware.
Organizations in all sectors should take steps now to avoid security and operational risks associated with Microsoft's plans to discontinue support of the Windows XP operating system next year, security experts say.
Randy Trzeciak and his CERT Insider Threat Center colleagues are working to broaden the definition of the insider threat to incorporate not just the risk to information and IT but to facilities and people, too.
Adobe is notifying 2.9 million customers that their personal information has been compromised as a result of a breach into the software company's network. Source code for numerous products was also illegally accessed.
The State Department's top cyberdiplomat, Chris Painter, explains how the United States is helping other nations beef up their laws and policies to battle cybercrime and improve international collaboration on cyberthreats.
With the prospect of a federal government shutdown, and its implications for IT security, it's worth considering what happened in Minnesota two years ago, when a similar budget squabble shuttered state operations for 20 days.
Two states are testing new technologies that, if successful, should make it easier for citizens to securely access government services online with the side benefit of mitigating fraud and identity theft.
Successfully implementing the SANS 20 Critical Security Controls requires far more than just deploying systems, platforms or services. Experts offer insights on effective strategies for leveraging technical controls.
Hackers allegedly trafficking in personally identifiable data have reportedly breached the computers of three major data aggregators, raising doubts about knowledge-based authentication as a tool to verify identity.