The Ukrainian energy sector is being targeted by fresh phishing attacks, the country's computer emergency response team warns. But it's not clear who's behind those campaigns, or a recent malware infection at Kiev's main airport.
It's time to start to think about the cybersecurity agenda for the 45th president of the United States, who takes office a year from this week. What's on your list of cybersecurity challenges the next president must tackle?
Here's why the acquisition of rival threat-intelligence firm iSight Partners by breach investigation heavyweight FireEye makes sense, and why market watchers predict that other stand-alone intelligence firms will soon get snapped up.
A lawsuit filed against security firm Trustwave is raising questions about "PCI Professional Forensic Investigators" and how they are monitored by the PCI Security Standards Council. But experts say the onus is on companies, not the council, to ensure their security practices are adequate.
Why do we continue to be so stupid about how we use passwords? A review of 2015 data breaches finds that it's not just users of infidelity websites who remain reckless with their password choices.
Millions of Android devices - as well as desktops and servers - are at risk from a newly disclosed flaw in the Linux kernel that a malware-wielding attacker could exploit to seize full control of the device.
If presidential candidates don't have the technical know-how to take an educated stand on whether tech companies should provide the government with a backdoor to encryption, how can we judge if they'll make the right choice if they get elected?
A new report from security firm FireEye that says the mobile banking Trojan dubbed SlemBunk is rapidly becoming more sophisticated illustrates why mitigating mobile malware risks must be an urgent priority for banks this year.
The FBI is investigating the point-of-sale malware breach at hotel chain Hyatt, which says related infections stretched for four months and affected 250 hotels worldwide. But Hyatt has yet to reveal how many customers or payment cards were compromised - or how attackers got in.
The FFIEC's Cybersecurity Assessment Tool needs to be redesigned, as the tool's current design sets institutions up for cyber-risk assessment failure. Industry leaders say they're hopeful that change is on the way because the FFIEC is reviewing a second wave of comments about the tool's efficacy.
Microsoft has patched a new, critical remote code execution vulnerability affecting all versions of Internet Explorer, but it's now only supporting and patching IE 11 and Edge. Potentially, several hundred million users of old IE versions are now at risk.
Tracing bitcoin transactions, some security experts suspect multiple gangs have each amassed more than $1 billion, making them the equivalent of "unicorns" - a term venture capitalists apply to extremely successful startup firms. In case there was any doubt, cybercrime really does pay.
Reliable data specifying the number of people employed in the United States in cybersecurity field is hard to find. But one government survey shows a 5 percent increase among information security analysts in 2015.
Networking vendor Fortinet refutes a researcher's assertions that there is an SSH "backdoor" in the FortiOS firmware that runs its devices. Many experts say that while the patched flaw looks unintentional, it might still serve as a backdoor.
The discovery of a serious remote code execution flaw in Trend Micro's consumer security software - now patched - is a reminder that even security software has code-level flaws. But shouldn't security vendors be held to a higher standard than others?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
