The National Institute of Standards and Technology should use the cryptographic community to help vet the advice it gets from the National Security Agency when creating cryptography guidance, a panel of prominent experts recommends.
British police have worked with an international consortium of law enforcement agencies and information security firms to disrupt financial malware known as Shylock used to infect more than 60,000 PCs and steal millions of dollars.
With the Senate Intelligence Committee overwhelmingly approving the Cybersecurity Information Security Management Act, common wisdom dictates the bill will head directly to the Senate floor. Not so fast.
Is having too many stakeholders who care about cyberspace's viability a hindrance to security? That's one way to interpret comments from White House Cybersecurity Coordinator Michael Daniel as he addresses the challenges of governing the Internet.
The "Bolware" malware gang has used Web injection and "man-in-the-browser" techniques to steal up to $3.75 billion. The attack campaign demonstrates how easily attackers anywhere in the world can commit browser-based fraud.
Characterizing the state of employment among American information security practitioners, executive recruiter Joyce Brocaglia says, "We are experiencing negative unemployment in the field of information security."
Oracle has stopped supporting XP, but promises the next update for Java 7 -- though not Java 8 -- will still run on XP. But for how long will this continue? Security experts chart XP's "downward spiral."
When the U.S. transitions to chip-secured payment cards, banking institutions will see a significant uptick in card-not-present fraud. What can they be doing now to prepare? Fiserv's Patrick Davie shares tips.
From Neiman Marcus to P.F. Chang's, 2014 has shaped up to be the 'Year of the Data Breach.' What lessons can be gleaned from the trenches of breach investigation? Experian's Michael Bruemmer shares tips.
The "Energetic Bear," a.k.a. "Dragonfly," hacking campaign targets U.S. and Western European energy firms. While the hackers appear to be backed by Russia, the purpose of their attacks remains unclear.