The group of hackers who recently claimed to have hacked the CIA director's personal email account now says it has breached an FBI information-sharing portal. So far, the group has released contact information for about 2,400 law enforcement users.
Buoyed by massive illicit profits, cybercriminals have continued to refine their ransomware attacks, including updating their crypto techniques to foil decryption tools, encrypting file names and threatening to leak stolen secrets.
The National Institute of Standards and Technology has issued a Guide to Application Whitelisting that provides step-by-step instructions on deploying automated application whitelisting to help prevent malware from accessing IT systems.
In a video interview, Bob Carr of Heartland Payment Systems offers a frank assessment of missteps in the wake of the processor's landmark 2008 data breach, and he calls for widespread use of end-to-end encryption.
Under the White House's new cybersecurity strategy and implementation plan, federal civilian agencies face a Nov. 13 deadline to identify and report their high-value information and assets that could attract adversaries.
The FFIEC has issued an alert calling on financial institutions to take specific risk mitigation steps in light of an increase in the frequency and severity of cyberattacks involving extortion. Fraud experts applaud the move while offering additional recommendations.
The quantity and duration of distributed denial-of-service attacks continue to increase. The latest attacks are being launched via MySQL servers infected with Chikdos malware, as well as compromised Internet-connected CCTV systems, researchers say.
U.S. convenience stores and gas stations should be braced for a new uptick in pay-at-the-pump skimming attacks. A recent rash of attacks in Post Falls, Idaho, illustrates exactly why this form of fraud is becoming such a costly concern.
As U.S. financial institutions migrate to EMV, ACH and wire fraud is increasing, along with fraud tied to checking, says Mannie Da Silva of Fiserv. In a video interview, he discusses how banks can leverage new technologies, best practices and customer behavior data to stay a step ahead of fraudsters.
British police have arrested a third suspect in connection with the hack attack against telecommunications provider TalkTalk. Separately, Vodafone UK also issued an alert of a breach, which it traced to reused passwords.
Even though the U.S. is migrating to the EMV chip, Visa is still stressing the need for merchants to comply with the PCI Data Security Standard, says Eduardo Perez, the card brand's senior vice president of payment risk, in this video interview.
The so-called 30-day cybersecurity sprint championed by Federal CIO Tony Scott has resulted in a strategy and implementation plan for federal government civilian agencies that focuses on a defense-in-depth approach to IT security.
Senate-approved legislation that would incentivize businesses to share cyber threat information with the government also would strengthen the Department of Homeland Security's oversight of civilian federal agencies in implementing cyber safeguards.