A watchdog agency's audit of the Department of Veterans Affairs makes nearly three dozen recommendations for how the VA should address "material weakness" in its information security program. The VA's CIO tells Congress all the issues raised will be addressed by the end of next year.
In the world of the extended enterprise, everybody seeks greater visibility into network activity. But Gidi Cohen was there in 2002, founding Skybox Security to provide analytics to improve cybersecurity. Cohen discusses the evolution of visibility.
Attackers have targeted an unknown number of Russia's 700 banks with bogus security-alert emails. The combination of official-looking infrastructure and digitally signed malware recalls the Anthem attack, among other campaigns.
Although most breach-related class action lawsuits fail, a multimillion dollar settlement of a suit stemming from a data breach at St. Joseph Health System in California illustrates how egregious breaches can have serious financial consequences.
Apple has unloaded another blistering legal response to the Justice Department over the court order obtained by the FBI that requires the company to help unlock an iPhone used by one of the San Bernardino shooters.
A new report suggests that a Chinese cyber espionage APT attack group is behind a string of targeted ransomware infections that have slammed U.S. firms. Dig into the details, however, and the report is nothing but speculation, two security experts caution.
Without saying the word "backdoor," President Barack Obama used an appearance at the South by Southwest conference to argue that law enforcement agencies need weak crypto and likened strong crypto to "walking around with a Swiss bank account in [your] pocket."
Advanced attacks are out, while persistent, relatively simple attacks are in. Despite all of the APT hype in recent years, cybercriminals, and especially nation-state attackers, prefer to keep things simple. Information security experts explain why.
Credit card and other personal information was exposed in a data breach of Internet hosting provider Staminus Communications, which specializes in protection against distributed denial-of-service attacks. The company hosts the website of the Ku Klux Klan white supremacist group, which was also brought down.
The FBI calls ransomware "a prevalent, increasing threat." One recent campaign earned at least $325 million in global profits, while U.S. victims tell the FBI they paid $24 million in ransoms in 2015. And attackers are plowing profits back into improving their malicious code.
Although relatively few carriers offer cyber insurance, buyers can negotiate favorable terms when purchasing policies, say Experian's Michael Bruemmer and NetDiligence's Mark Greisiger, who explain why in this interview.
In a filing rebutting Apple's appeal of a court order requiring the company to help the FBI unlock the iPhone used by a shooter in the San Bernardino massacre, the Justice Department says Apple's rhetoric is "false" and "corrosive" to the institution that safeguards Americans' liberties and rights.
We all realize that the black hats are typically a step ahead of the white hats. But do we accept that our own security controls are contributing to the deficit? Sam Curry of Arbor Networks describes how security leaders can regain their lead in this video interview.
The volume and complexity of online attacks continue to increase, which creates a challenge for information security managers, says Darrell Burkey, director of product management for Check Point Software Technologies, in this video interview.