Manufacturers of PCs and mobile devices must end the practice of preloading "bloatware." Lenovo's experience with offering "free" adware shows the hidden security and performance tradeoffs buyers must endure.
Learning more about potential attackers and their preferred information targets is one of the best ways organizations can mitigate their cyber-attack risks, says Bank of the West's David Pollino, a featured speaker at ISMG's Fraud Summit LA.
Big Fish, a Seattle-based online game producer and distributor, is notifying an undisclosed number of customers that their payment card information may have been compromised following a malware intrusion.
Some security experts contend that users of numerous types of Lenovo PCs and laptops are at risk of having their encrypted traffic get intercepted because of installed-by-default Superfish adware, which handles digital certificates insecurely.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
Is your organization running its anti-malware defenses properly? Don't be so sure. A new study finds that essential features built into anti-virus software are not always being used. From an information security standpoint, that's a serious problem.
Extradited Russian national Vladimir Drinkman, who's been charged with masterminding the largest-ever hack attack in U.S. history, this week pleaded not guilty in U.S. federal court to 11 charges relating to the theft of 160 million payment cards.
Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled? BitSight's Stephen Boyer offers insight.
The Anunak/Carbanak gang continues to rob financial services firms and retailers, in part with ATM malware. A new report says the cybercrime gang has stolen up to $1 billion from banks in Russia, the U.S. and beyond.
The volume of spam messaging is down, but the bogus messages that are getting through? They're more malicious than ever, says Cisco's Jason Brvenik. He shares insights from Cisco's 2015 Security Report.
In a Feb. 13 keynote speech at a cybersecurity summit, President Obama described the cyberworld as the "wild, wild West" and the American government as the sheriff. Then he signed an executive order aimed at boosting cyberthreat information sharing.
Enterprise IT administrators are being urged to immediately patch a flaw that affects every Windows system released for the past 15 years. Attackers could remotely exploit the flaw to take control of a device and run any code of their choice.
As hack attacks, such as the breach of Anthem Inc., become more common, it's more critical than ever for organizations to carry out an "adaptive defense model" to protect sensitive information, says Dave Merkel, chief technology officer at FireEye.
The Anthem breach, which possibly started with a phishing campaign, is a prime example of how hackers are perfecting their schemes to target key employees who have access to valued information, says Dave Jevans of the Anti-Phishing Working Group.