The prices for stolen payment card data and other cybercrime products and services on Russian underground forums continue to fall. But the cybercrime ecosystem is more automated, effective and robust than ever, Trend Micro reports.
Post-OPM breach legislation aimed to toughen cybersecurity at federal government civilian agencies by requiring the implementation of state-of-the-art tools has passed the Senate Homeland Security and Governmental Affairs Committee.
Just two weeks after an international, FBI-led operation disrupted the notorious hacking forum Darkode, leading to 70 arrests, a supposed site administrator has claimed the forum will reboot on the "dark Web." But security experts question those claims.
Attackers could abuse flaws in Android's Stagefright media library to seize control of almost 950 million devices, just by sending a text, a security researcher warns. But will most devices ever see related fixes?
Will the Office of Personnel Management's breaches, which exposed the personal information of more than 22 million individuals, make it more or less likely that Congress will enact cybersecurity legislation, including a cyberthreat information sharing bill?
Security expert Alan Woodward is warning that enterprises should ditch RC4 after researchers demonstrated practical attacks that demolish the crypto that's widely used in enterprise WiFi devices and for TLS.
Cybercrime is growing as an industry, developing capabilities to target large entities. Ernst & Young's Ken Allan recommends a three-stage strategy to combat threats and urges CISOs to set new priorities.
Put your personal feelings aside; what's dangerous about the AshleyMadison.com breach is that ideologists will now go beyond taking down an IT system and actually destroy a business. This evolution, says cybersecurity expert Carl Herberger, requires a new way to assess and mitigate risk.
The hack of "cheating" dating site AshleyMadison.com is a reminder that no website or personal information can be guaranteed to remain secure against determined attackers. So businesses and consumers must plan accordingly. Here are six takeaways from the incident.
Misusing data access privileges can pose a threat to the integrity of an organization's IT systems and the privacy of individuals. But gray areas exist, and it's not always clear cut when "unofficially" accessing protected data means users are abusing their privileges.
British police have re-arrested Lauri Love, who's been charged with 2012 and 2013 hack attacks against U.S. government computers, including systems operated by the Federal Reserve, U.S. Army and NASA. But Love plans to fight extradition.
After jumping by 33 percent in 2014, the number of Americans who consider themselves IT security professionals has remained flat for the first half of 2015, according to an examination of federal government employment data. That's bad news for employers seeking IT security pros to hire.