A hotel booking website hack - resulting in stolen payment cards - triggers a regulator's warning that businesses still need to pay close attention to eliminating SQL injection vulnerabilities from their websites and emphasizing secure coding.
The developers of the Backoff point-of-sale malware that's infected more than 1,000 U.S. businesses have continued to refine their attack code, including encrypting communications and making the malware tougher to spot or eradicate, researchers say.
After 20 years in the Army and nearly that long as an information risk management leader at the National Institute of Standards and Technology, Ron Ross says his career is still evolving. Find out what he plans to do next.
The new director of Britain's eavesdropping agency, GCHQ, has blasted U.S. technology firms, arguing that - intentionally or not - they're "the command-and-control networks of choice for terrorists and criminals."
The National Institute of Standards and Technology has released a draft of guidance aimed at helping government agencies and businesses establish, participate in and maintain cyberthreat information sharing relationships.
How relevant is ROI when demonstrating security to senior management? How seriously do Indian organizations take the practice of privacy? Sagar Karan, CISO at Fullerton India, shares his insights on these topics.
Automated attacks have potentially compromised the majority of websites that run the Drupal content management system, giving attackers platforms for launching malware, DDoS attacks and spam, according to the Drupal security team.
Air-gapped networks promise security by disconnecting PCs from the Internet. But graphics cards in malware-infected systems attached to air-gapped networks can be made to broadcast data via FM radio to nearby smart phones, researchers warn.
Information security experts say espionage-focused attackers, apparently operating from Russia, have been using phishing e-mails and malware in multi-stage attacks designed to evade detection and steal political and military secrets.
In the wake of the JPMorgan Chase breach, which exposed personal information about millions of consumers and small businesses, banking leaders say they're increasingly concerned about cyber-attacks and geopolitical threats.
The annual Amsterdam gathering of information security aficionados detailed the very latest hacking threats, including cybersecurity attacks via drone, sniffing data from fitness devices, and exploiting ATMs using Raspberry Pi computers.