Dozens of banks, governments and telecommunications companies have been struck by fileless malware, which resides in memory and leaves few traces for investigators, according to Kaspersky Lab. The use of open-source tools and utilities makes the attacks difficult to detect.
Just like epidemiologists studying disease outbreaks, cybersecurity professionals can benefit from identifying and mitigating certain behaviors, says Dr. Elizabeth Lawler, an epidemiologist who is CEO of Conjur, a data security firm.
Televisions that spy on their users have long been a trope of dystopian fiction, including George Orwell's "1984." But the spying TV appears to be far from fictional, according to a new settlement agreement reached between the FTC and smart-TV maker Vizio.
InterContinental Hotels Group is warning customers that malware infected point-of-sale devices at a dozen of its hotel restaurants and bars in North America and the Caribbean for up to four months in 2016. But it's unclear if the breach ties to reported exploits involving POS service providers.
Facebook is aiming to make account recovery and password resets more secure with a new, updated approach that eliminates outdated weaknesses such as emailed reset links, SMS messages and security questions.
Offspring of the Zeus banking Trojan continue to spring to life. Functionally, however, security experts say most POS-infecting banking malware remains almost identical. So why aren't more organizations putting well-known defenses in place?
Nearly three years after the Heartbleed bug - and 600,000 vulnerable servers - was discovered, the vulnerability lives on. The latest scans still count 180,000 at-risk servers. Why won't this bug just die?
President Trump is reportedly preparing to issue an executive order calling for a review of the nation's cybersecurity capabilities and vulnerabilities. The pending report outlines a series of steps to be taken within 60 days of the signing of the order.
Gartner analyst Avivah Litan has long been the go-to expert for insights on fraud detection. Now she has broadened her focus to cover endpoint security and user and entity behavioral analytics. Where do these topics converge, and what insights can she share on the 2017 cybersecurity outlook?
The subscription-based breach notification service LeakedSource appears to have gone dry. Security expert Troy Hunt says the privacy writing has been on the wall for the site, owing to it selling access to stolen personal data.
An overlooked security setting on Twitter may have allowed a hacker to guess the password-reset email addresses tied to accounts used by President Donald Trump, first lady Melania Trump, Vice President Mike Pence plus a top adviser. What's the risk?
Russian authorities have reportedly arrested a top computer security official at the Federal Security Service as well as a head Kaspersky Lab investigator on treason charges, alleging that they received money from "foreign organizations."
Australia's federal government is planning to brief the country's political parties next month on cybersecurity threats, a move fueled by worries its electoral process could be targeted by a foreign power.
RSA Conference 2017 is coming to San Francisco from Feb. 13 to 17. What new sessions, speakers and venues should attendees expect to see? Conference organizers Linda Gray Martin and Britta Glade offer a preview.
U.S. authorities are reportedly investigating whether Yahoo should have notified investors faster about two separate data breaches that it suffered in 2013 and 2014. Until last year, one breach remained undetected and the full severity of the other was not understood.