Security vendor ProtectWise says a series of operating mistakes has allowed it to gain insight into a group, believed to be affiliated with Chinese intelligence, that specializes in stealing code-signing certificates. The certificates allow for the signing of malware that's unlikely to raise security alarms.
We all know about May 25 and the enforcement deadline for Europe's General Data Protection Regulation. But what impact will GDPR have on cybersecurity programs? Danny Rogers of Terbium Labs weighs in on the topic.
You know that you've got a problem to solve but how will you address it? More importantly, who will help you address it? This is the crux of the build versus buy debate that companies are currently having with themselves.
While building and buying both have their merits, they also have costs which should be...
Email is still the most common attack vector as a preferred method utilized by attackers because of the overwhelming effectiveness. Phishing attacks have only been increasing and evolving to bypass modern security appliances, endpoint protection, and user awareness training.
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
Under Armour says an unauthorized intruder gained access to information for the accounts of 150 million users of its MyFitnessPal mobile app and website. Learn why some fear the breach could lead to a massive phishing campaign.
Police have charged 20 Romanian and Italian nationals with running spear-phishing attacks that stole more than $1 million from online bank customers. Phishing remains a favored criminal technique for harvesting account credentials and cryptocurrency, as well as corporate secrets.
Ecuador's embassy in London has again revoked internet access for seven-year houseguest Julian Assange, saying the WikiLeaks chief violated an agreement to not interfere in other countries' matters. WikiLeaks' star has continued to fall since it's been revealed to be an apparent Russian stooge.
Evidence continues to mount that Russian intelligence created the "Guccifer 2.0" hacker online persona as a "plausible deniability" cover for dumping information stolen from the U.S. Democratic National Committee, among other targets, says cybersecurity expert Alan Woodward.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.