A government watchdog warned four federal agencies that they must be more diligent in implementing their cybersecurity programs. Otherwise, some of the government's most sensitive information is at risk of being disclosed to unauthorized individuals.
A recent spate of spam emails has been tricking users into installing JavaScript-based downloaders, which then download and install Locky and TeslaCrypt ransomware, Microsoft warns. Security experts detail top defenses.
The Justice Department's appeal of a court order that the government can't compel Apple to unlock an iPhone used by an accused drug dealer is significant because it sets in motion a process that could lead to a Supreme Court ruling on whether mobile device makers must give law enforcement an encryption backdoor.
A thriving market now exists to help cybercriminals recruit new talent, says Rick Holland of the threat intelligence firm Digital Shadows, which has been studying how cybercriminals advertise for new recruits - and the types of technology skills that are most in demand.
The U.S. government's intrusion detection and prevention program known as Einstein has limited ability to detect breaches of federal information systems, according to a new Government Accountability Office report.
Banking institutions and associations are demanding that the Federal Financial Institutions Examination Council make significant changes to its Cybersecurity Assessment Tool. What action, if any, will regulators take in response?
Security experts say the conclusions of an inspector general's report on how the Nuclear Regulatory Commission contracts the administration of security operation centers also applies to other government agencies and private businesses.
Slamming a Ukrainian energy provider for recently falling victim to a spear-phishing email and Excel macro attack might be easy. But security experts recommend all organizations use the incident to ensure they won't fall victim to copycat attacks.
A judge has dismissed a class-action lawsuit against Michaels, filed after the retailer warned that POS malware-wielding attackers had successfully stolen details of an estimated 2.6 million payment cards. But the ruling isn't a surprise - here's why.
An inspector general report on a Federal Reserve audit raises more questions than it answers regarding the security risks facing one of the Fed's information systems. The executive summary of the audit fails the transparency test to inform the public.
New guidance for cyber-resilience, vendor management and breach notification are expected for New York state banks in early 2016. And the tone set by these guidelines may have a ripple effect, influencing the actions of federal banking regulators.
A U.S. House committee recently passed legislation that's aimed at helping law enforcement bring to justice cybercriminals from other nations who buy and sell payment card data stolen from U.S. citizens. But would it really help the global fight against cybercrime?
With the heightening of the threat of cyber-attacks to America's critical infrastructure, a congressional watchdog says federal agencies need to adopt better metrics to determine the risks specific to the industries they monitor.
A government audit of Internal Revenue Service financial statements reveals deficiencies in internal information security controls, including missing security updates, insufficient audit trails and monitoring for certain key systems and use of weak passwords.
Gregory Wilshusen discusses the path he followed to his job as the government's lead information security auditor and the skills needed to be an InfoSec auditor.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.