The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
A report that a Russian hacker group dubbed "CyberVor" is hoarding more than 1 billion stolen passwords triggered worldwide concern, but security experts caution that scant details have been revealed, making the threat tough to judge.
Today's sophisticated attackers use ever-stealthier malware and zero-day exploits to evade traditional security defenses, making organizations increasingly vulnerable to advanced persistent threats (APTs). These APTs seek to exfiltrate critical data over the long term.
Cybersecurity researchers at the Georgia Tech Research Institute are developing a tool known as BlackForest that amasses information from the Internet to give organizations an early warning of a pending cyber-attack.
Warning from the U.K. Information Commissioner's Office: Businesses that work with big data must ensure they still comply with EU data protection regulations, especially when it comes to keeping personal information private.
A low-tech campaign combines phishing, small-footprint attack code and Android malware to topple banks' security defenses in Switzerland and three other nations. Will the campaign extend to U.S., U.K., and beyond?
Big data has been the recent buzz in security circles, but what are organizations missing by overlooking the power of "small data?" Verizon's Jay Jacobs discusses how to get the most from data analytics.
The 9/11 Commission, in its 10th anniversary report, cautions Americans and the U.S. government to treat cyberthreats more seriously than they did terrorist threats in the days and weeks before Sept. 11, 2001.
A challenge examiners face in conducting forensic investigations in the cloud is that they don't have access to the servers. That's just one problem the National Institute of Standards and Technology is addressing.
Two zero-day vulnerabilities reportedly were exploited by the attackers who hacked NASDAQ's systems in 2010. While a senior U.S. legislator claims the hackers had "nation-state" backing, security experts say it's still not clear who hacked NASDAQ or why.