The response by Sony Pictures Entertainment executives to the hack attack against their company provides a number of great examples for how to not to handle a data breach. Here are 7 key mistakes they made.
Researchers are alarmed about the increasing sophistication of crimeware-as-a-service, an underground business model that pushes adaptable malware from a botnet. How can banking institutions defend their accounts?
A tiny Illinois hospital was the target of an extortion scheme in which an anonymous e-mailer threatened to make public patients' information. The incident shows why providers of all sizes need to be prepared to deal with emerging threats.
The sentencing of a former Alabama hospital worker to two years in prison for his role in an ID theft incident that resulted in tax refund fraud, and a related class action lawsuit, illustrate that insider threats are a major ongoing challenge, two privacy experts say.
A report claiming that Las Vegas Sands Corp. was hit with a "wiper" malware attack back in February, similar to one that recently affected Sony Pictures Entertainment, illustrates why more organizations need to mitigate the risks of such an attack.
A recent blog post by Managing Editor Mathew J. Schwartz, "Why Are We So Stupid About Passwords?" raised a number of issues about the ongoing risks involved in using passwords for authentication. Read the strong reaction to the commentary and join the conversation.
A new version of the Destover malware includes a legitimate certificate from Sony. But a researcher claims it's a hoax. Meanwhile, new evidence emerges that the hackers who attacked Sony Pictures Entertainment had criminal - not nation-state - intentions.
Payment solutions provider Charge Anywhere is warning merchants and cardholders of a data breach that may have exposed information related to payment card transactions dating back as far as Nov. 5, 2009.
The "wiper" malware attack against Sony Pictures Entertainment has numerous commonalities with previous wiper attacks in Saudi Arabia and South Korea. This infographic summarizes the attacks and highlights their similarities.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
Except for the leak of celebrities' private data, the "wiper" malware attack against Sony Pictures Entertainment shares "extraordinary" similarities with previous wiper attacks in Saudi Arabia and South Korea, a security researcher finds.
At a time of growing anxiety over cybercrime, especially among businesses victimized by cyber-attacks, the Justice Department is creating a cybersecurity unit aimed, in part, to better engage the private sector to battle online crime.
A remote-access attack that compromised a parking facility provider with locations in Illinois, Pennsylvania, Ohio and Washington highlights how commonly used point-of-sale terminal and software brands are increasingly being exploited by hackers.