Exasperated House Oversight Committee Chair Jason Chaffetz faults OPM Director Katherine Archuleta for not embracing a 2014 inspector general recommendation to shutter unauthorized IT systems that hackers eventually breached.
A new Obama administration cybersecurity initiative isn't placing new burdens on federal government agencies; it's aimed at getting them to comply with recommended safeguards they've failed to implement.
The investigation into the U.S. Office of Personnel Management breach has reportedly found that foreign spies may have stolen deeply personal information on up to 14 million current and former federal workers, going back three decades.
Symantec has issued new warnings about a malware strain known as Poweliks, noting that this Trojan is being used in conjunction with ransomware. But security experts disagree over the severity of the threat.
Some privacy experts say a new Internal Revenue Service collaborative initiative aimed at reducing identity theft and fraud affecting taxpayers comes up short. Find out what other steps they'd like to see the IRS take.
An international police effort dubbed "Operation Triangle" has resulted in the arrest of 49 suspected members of a cybercrime group accused of launching phishing attacks to steal at least $6.7 million.
A massive breach at the U.S. Office of Personnel Management wasn't discovered by government sleuths - or the Einstein DHS intrusion detection system - but rather during a product demo, a new report says.
In addition to providing training, healthcare organizations should consider implementing technology to help prevent user mistakes that can lead to breaches of protected health information, says Geoffrey Bibby of ZixCorp.
Encrypted browsing - using HTTPS - helps secure online communications, and Apple says developers must now employ the protocol by default. Likewise, the White House says that by 2017, all federal websites must adopt HTTPS-only policies.
Kaspersky Lab has discovered a new, advanced persistent threat - inside its own networks. Dubbed Duqu 2.0, the malware has ties to Stuxnet, and was used to target Iranian nuclear negotiations, researchers say.
If you look at recent breaches, you see a common thread: If privileged identities were better managed, breach impacts would greatly lessen. Bill Mann of Centrify discusses the essentials of privileged ID management.
A three-month breach of card transactions at New York's Eataly restaurant/grocery store, and reports about two new malware strains, highlight why more attention needs to be paid to POS system security.