The National Institute of Standards and Technology has released a draft of guidance aimed at helping government agencies and businesses establish, participate in and maintain cyberthreat information sharing relationships.
Automated attacks have potentially compromised the majority of websites that run the Drupal content management system, giving attackers platforms for launching malware, DDoS attacks and spam, according to the Drupal security team.
Air-gapped networks promise security by disconnecting PCs from the Internet. But graphics cards in malware-infected systems attached to air-gapped networks can be made to broadcast data via FM radio to nearby smart phones, researchers warn.
The federal government's point man on the cybersecurity framework, Adam Sedgewick of NIST, responds to a critique by Larry Clinton of the Internet Security Alliance on the failure of NIST to outline the financial benefits of the framework.
Information security experts say espionage-focused attackers, apparently operating from Russia, have been using phishing e-mails and malware in multi-stage attacks designed to evade detection and steal political and military secrets.
In the wake of the JPMorgan Chase breach, which exposed personal information about millions of consumers and small businesses, banking leaders say they're increasingly concerned about cyber-attacks and geopolitical threats.
The annual Amsterdam gathering of information security aficionados detailed the very latest hacking threats, including cybersecurity attacks via drone, sniffing data from fitness devices, and exploiting ATMs using Raspberry Pi computers.
Sophisticated threats require advanced threat protection. A threat-focused next-generation firewall must adhere to three strategic imperatives. Learn how these imperatives improve defense against advanced threats.
What security and technology issues are top concerns for 2015? The transition to new payment methods and shoring up gaps in basic security practices, according to industry leaders at two ISMG summits last week.
Security vendor Proofpoint warns that a "malvertising" campaign has been launching ransomware attacks against users of numerous high-profile websites, including search site Yahoo, dating site Match.com, and an AOL real estate site.
Many issuers of chip-based credit cards will likely allow U.S. consumers to complete transactions with a signature, not a PIN, which will limit the fraud protections offered by EMV cards, says Citizen Financial Group's Tim Webb.