Days after booting hackers from its network, the Democratic National Committee allowed incident-response firm Crowdstrike to publicly detail its findings. That's a rare - albeit welcome - move for other potential targets.
In an interview, Doug Johnson of the American Bankers Association explains why the ABA rejects the Retail Industry Leaders Association's contention that a legislative proposal to hold retailers to the same cybersecurity standards as banks is unfair.
With rampant password, patch management and data missteps, it can feel like information security déjà vu all over again as security professionals fight so many of the same battles as 10 or 20 years ago, says white hat hacker Cris Thomas, a.k.a. "Space Rogue."
For years, organizations have been threatened by DDoS attacks on several fronts, ranging from volumetric attacks to application-level and DNS strikes. Now come ransom-based attacks. Trey Guinn of CloudFlare discusses how to respond to each type of attack.
My initial reaction to Microsoft's announcement that it plans to buy LinkedIn for $26.2 billion in cash: I guess its massive 2012 data breach - and the loss of virtually every user's credentials - didn't hobble the company's long-term prospects.
First the hackers came for our credit cards. Now they're taking control of our TVs. Witness the latest version of FLocker - for "frantic locker" - which is designed to lock Android devices, including smart TVs.
As we prepare to mark the tenth anniversary of the PCI Security Standards Council, it's time to assess the impact PCI-DSS has had on payments security and consider whether it will remain a viable standard 10 years from now. A series of upcoming reports will address these topics.
For its next move since jettisoning storage firm Veritas and becoming a pure-play security vendor, Symantec plans to buy network and cloud security firm Blue Coat from private-equity owners Bain Capital for $4.65 billion, gaining a new CEO in the process.
More than 32.8 million Twitter credentials have been compromised and are being offered for sale on the dark web, claims LeakedSource, a subscription-based breach notification service. But some security experts question whether the credentials are current and authentic.
Dropbox is keeping a close eye on the latest news reports of big-name, big-data breaches, but says the reported hackers are bluffing when claiming to have compromised and obtained the web storage service's data.
The scale of the global IT security skills crisis is well documented. But what is its direct impact on cybersecurity with the government agencies of Washington, D.C.? Dan Waddell of (ISC)² discusses the problem - and a new way to address it.
Now that both the FBI and the FFIEC have issued alerts calling attention to the risks associated with interbank messaging and wholesale payments in the wake of SWIFT-related heists, U.S. institutions should brace for more regulatory scrutiny of bank-to-bank payments, financial fraud experts say.
Akamai warns of a rash of less sophisticated attempts to extort companies by threatening to strike with distributed denial-of-service attacks, which can be expensive for organizations to defend against.
Many organizations still fail to practice smart web security, warns penetration testing expert Ilia Kolochenko, who notes that 23 percent of all websites still use SSL version 3, despite it leaving them at risk from POODLE and BEAST attacks.