A jury's decision to award $940 million in damages to electronic health records software vendor Epic Systems, which had sued India's Tata Consultancy Services alleging theft of trade secrets, serves up lessons about the importance of restricting access to all sensitive data, including intellectual property.
Attackers have been exploiting JBoss application servers to install remote-control web shells as part of a campaign that targets enterprises with network-hopping SamSam (a.k.a. Samas) ransomware, researchers at Cisco Talos warn.
A cybercrime gang has been using new malware to target business customers of banks in the United States and Canada and steal millions of dollars, primarily from business accounts, researchers at the IBM X-Force security group warn.
Russian authorities have reportedly sentenced Dmitry "Paunch" Fedotov, the developer of the notorious Blackhole exploit kit that's been linked to large amounts of fraud, to seven years in prison - an unusually severe sentence for online crime in that nation.
Keith Alexander, former National Security Agency director, and Patrick Gallagher, who once headed the National Institute of Standards and Technology, will join Ajay Banga, chief executive of MasterCard, on the new Commission on Enhancing National Cybersecurity.
By a 28-0 vote, the House Judiciary Committee has approved legislation to require law enforcement to obtain a warrant before compelling third-party providers, including those offering cloud services, to surrender their customers' email and text content.
Is it ever acceptable for ransomware victims to pay a ransom to obtain the decryption key required to restore access to their data? Due to poor preparation, many organizations continue to face that question.
Backed by its own logo, Badlock refers to a set of critical Samba vulnerabilities in Windows and most Unix/Linux operating systems, which attackers could exploit to launch man-in-the-middle attacks against corporate networks.
The IRS, which has been plagued by data security incidents, faces the loss of key IT and data security personnel over the next year unless Congress renews a lapsed law that boosted the pay of top-notch personnel temporarily recruited from the private sector, IRS Commissioner John Koskinen tells Congress.
A British man who pleaded guilty to selling homemade distributed denial-of-service attack tools reportedly used to carry out more than 600,000 attacks has escaped jail time, with a judge calling him "young and naïve."
The Obama administration proposes to spend $3.1 billion next year to seed a fund designed to improve cybersecurity by modernizing federal IT. It's part of a legislative proposal to establish a board of government IT security experts to identify the highest priority modernization projects.
A House committee is seeking information about security breaches at the Federal Deposit Insurance Corp. in the wake of a former employee "inadvertently' departing the agency with a storage device that contained sensitive data on more than 44,000 individuals.
Security experts are once again warning all Flash users to either update or uninstall the browser plug-in software to protect themselves against active exploit kit attacks that are targeting a zero-day Flash flaw to install ransomware.
Organizations spend over 10 percent of their IT budgets on security, yet breaches continue to rise. Much of the problem revolves around the fact that most organizations have countless point tools, most of which don't work together to keep the organization secure and responsive.
A court has approved settlement of a class-action lawsuit filed by employees of Sony Pictures in the wake of its massive 2014 breach. But some legal experts say the consumer protections provided in the settlement do not go much beyond what the company should have routinely provided to victims in the wake of a breach.