Security experts warn of an increased risk that terrorists will disrupt the financial sector via cyber-attacks. In response, law enforcement authorities who monitor U.S. and U.K. financial markets plan to embed employees in each other's organizations.
Cybersecurity specialists need to learn to think like an adversary in order to develop sound defense strategies, says Greg Shannon, chief scientist at the CERT Division of Carnegie Mellon University's Software Engineering Institute.
Testifying at a House hearing, a U.S. Postal Service official defended the delay in notifying USPS workers of a breach that exposed Social Security numbers, contending authorities initially didn't know what data was pilfered.
Microsoft has issued an emergency fix for a vulnerability in Windows Kerberos that is being exploited via in-the-wild attacks. Attackers can leverage the flaw to gain all-access rights to anything inside an Active Directory Domain, experts warn.
Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
From PCs to tablets to smartphones, customers enter institutions from all electronic angles. And these new banking habits put new strains on traditional IT infrastructure. How can banks ensure security?
Foreign spy agencies have powerful incentives to hack U.S. government IT systems, and that won't change, experts say, as they react to suspected Chinese involvement in the breach of National Oceanic and Atmospheric Administration websites.
Organizations in all business sectors should take a series of steps to guard against "visual hacking," a low-tech method used to capture sensitive, confidential and private information for unauthorized use.
Microsoft has issued a patch to correct a critical vulnerability in Schannel, which encrypts transactions on most Windows platforms. The bug is "concerning" for organizations running the service, some experts say, comparing it to the Heartbleed flaw.
Information security experts argue that India's current National Cyber Security Policy is restricted to being merely a draft paper and leaves much to be desired in chalking out a clear implementation strategy.
FireEye is warning Apple users about a flaw in which downloaded malicious apps can replace genuine iOS apps, an exploit the security firm is dubbing the "Masque Attack." Experts offer insights on mitigating the threat.
Troy Leach of the PCI Security Standards Council says log monitoring is an effective data breach detection tool that, unfortunately, not enough merchants put to use. He explains how upcoming PCI guidance could help with implementation.