The Ukrainian energy sector is being targeted by fresh phishing attacks, the country's computer emergency response team warns. But it's not clear who's behind those campaigns, or a recent malware infection at Kiev's main airport.
A lawsuit filed against security firm Trustwave is raising questions about "PCI Professional Forensic Investigators" and how they are monitored by the PCI Security Standards Council. But experts say the onus is on companies, not the council, to ensure their security practices are adequate.
GOP presidential hopeful Carly Fiorina proposes standing up a centralized cyber command that would be responsible for all aspects of government IT security response. But such a plan could face resistance in Congress if it gives the military authority over federal civilian cybersecurity.
Malware: How does it work, who built it and what - or who - is it designed to target? Answering these types of questions is a job for Marion Marschalek of Cyphort, who reverse-engineers malicious code for a living.
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
The FBI is pursuing a suspected Russian hacker who reportedly amassed a trove of 1.2 billion stolen online credentials, plus payment card data and Social Security numbers, and who's offered access to hacked Facebook and Twitter accounts.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
Here's how police and intelligence officials in Europe and the United States are collaborating to identify and disrupt the network of people that planned, supported and launched the Nov. 13 terror attacks in Paris.
Security experts warn about a trio of new threats: GreenDispenser cash-out malware, the Shifu banking Trojan being spread via malvertising attacks and Neutrino crimeware getting an upgrade to steal payment-card data.
Organizations create more data than ever, and they face more requirements to collect and present it for investigations and legal cases. How do they avoid spoiling this data? Zapproved's Sarah Thompson offers tips.
How might federal authorities approach a forensics examination of Hillary Clinton's email server? ISMG asked four experts for their insights. Their observations - shared in this audio report - might surprise you.
Attributing who's behind cyberattacks is essential because it helps organizations build better defenses against future attacks, says Greg Kesner, former chief of the Federal Bureau of Investigation's Data Intercept program.
An unconfirmed post-breach report for bitcoin exchange Bitstamp shows the organization was targeted by a sustained attack that combined phishing via email and Skype with macro malware to successfully steal almost 19,000 bitcoins, worth $5 million.
During a time of significant change for corporations, when today's modern network extends far beyond the company's physical walls, it's disturbing that companies face such well-organized and pervasive threats.
Prosecutors love to tell judges that sentences for hackers and cybercriminals must be strong enough to deter future such crimes. But as the case of Silk Road mastermind Ross Ulbricht shows, they've failed to make the case for deterrence.