Russian and European malware and spam purveyors have been hijacking Internet routes. Pending a massive infrastructure upgrade, security experts warn that such attacks can be detected, but not easily blocked.
A new report claims that Russian hackers, using spear-phishing attacks, breached the Sony Pictures Entertainment network by November 2014. But it's not clear whether they were responsible for the "G.O.P." attacks attributed by the FBI to North Korea.
Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled. BitSight's Stephen Boyer offers insight.
The Obama administration has taken new, but modest steps to limit the ability of intelligence agencies to collect data on individuals, but the new policy doesn't end the bulk collection program revealed by former NSA contractor Edward Snowden.
Target Corp. has replaced its "interim" CIO, who was named to the post last year following its massive 2013 data breach that compromised 40 million credit card numbers and exposed personal details on 70 million customers.
Visa executive Kimberly Lawrence contends that the ongoing U.S. migration to EMV is progressing more rapidly than in other markets that have made the transition, requiring outside-the-box rules for debit transactions and cardholder verification.
President Obama says his proposed cybersecurity budget is designed to help prevent foreign nations or hackers from shutting down American networks, stealing trade secrets or invading the privacy of American families.
Hackers posing as women on Skype tricked Syrian opposition fighters into infecting their systems with malware, which furnished the hackers with "valuable insight into military operations," according to a new report from cybersecurity firm FireEye.
Starting in April, Singapore plans to have a dedicated and centralized cybersecurity agency. But experts question whether the agency can take a holistic approach and effectively coordinate with industry.
Lawmakers are more serious than ever about cybersecurity legislation. Their intent is to enact, but can they compromise on legislation to share cyberthreat information and nationalize data breach notification?