An ongoing APT campaign employs decoy documents to lure potential victims into installing malicious remote-control tools. Targets include at least one bank, the BBC and many U.S. and EU government agencies.
Security researchers say the international takedown of the Gameover Zeus botnet and servers for CryptoLocker ransomware will have a positive short-term impact, but they warn the threats could quickly re-emerge unless key steps are taken.
The OpenSSL Project is receiving new funding to support its operations following the Heartbleed exploit that exposed a flaw in the cryptographic tool that's used to provide communications security and privacy online.
A new report for shareholders recommends that seven members of Target Corp.'s board of directors should be replaced as a result of the retailer's massive data breach. Experts discuss the role boards must play in cybersecurity.
Web application attacks increased more than malware-fueled point-of-sale intrusions last year, Verizon's latest breach report shows. Analyst Dave Ostertag reviews the complete results and offers breach prevention insights.
Healthcare organizations are becoming a bigger target for cybercriminals because so much more clinical and financial information is now stored in potentially vulnerable information systems, says security expert Mac McMillan.
Several state attorneys general are investigating the data breach at eBay, which potentially exposed the encrypted passwords of 145 million customers. Plus, the New York AG is asking the company to provide free credit monitoring to those affected.
There are a number of reasons why the U.S. government indicted five Chinese army officers for hacking American corporate computers to steal intellectual property. Bringing the assailants to justice isn't one of them.
Organizations looking to build a better breach response strategy need to emphasize the basics, including ensuring they have a well-qualified response team in place, security experts, including attorney Ron Raether, advise.
Conventional wisdom dictates that the high demand for IT security practitioner would cause salaries to rise, perhaps significantly. But a new study by SANS shows only a slight fattening of paychecks for many IT security professionals.
The UK Information Commissioner's Office says that neglecting to keep software security up to date and failing to encrypt online communications are among the top cybersecurity vulnerabilities at government and private-sector organizations.