In the wake of a May cyber-attack against the IT infrastructure of Germany's lower house of parliament, or Bundestag, investigators say they have been unable to eradicate all traces of the Trojan infections, and that up to 20,000 PCs might need to be replaced.
Some privacy experts say a new Internal Revenue Service collaborative initiative aimed at reducing identity theft and fraud affecting taxpayers comes up short. Find out what other steps they'd like to see the IRS take.
Medical Information Engineering, which offers Web-hosted EHRs as well as personal health records, reports a hacker attack has exposed an undisclosed number of patients' health information and Social Security numbers.
A massive breach at the U.S. Office of Personnel Management wasn't discovered by government sleuths - or the Einstein DHS intrusion detection system - but rather during a product demo, a new report says.
In addition to providing training, healthcare organizations should consider implementing technology to help prevent user mistakes that can lead to breaches of protected health information, says Geoffrey Bibby of ZixCorp.
EdgeWave's Mike Walls, a former bomber pilot who led Navy red teams, says penetration testing is useful in analyzing bits and bytes but not the readiness of operations under attack from cyberspace. Red teams, he says, can analyze the impact on operations.
Encrypted browsing - using HTTPS - helps secure online communications, and Apple says developers must now employ the protocol by default. Likewise, the White House says that by 2017, all federal websites must adopt HTTPS-only policies.
Khalid N AI Hashmi, undersecretary of cyber security at ministry of communication and information technology, says resilience and security in cyberspace are vital to Qatar's continued success and growth.,
Too few security systems interoperate, which makes it difficult for organizations to block or detect data breaches. But Cisco has an interoperability plan to improve the state of cybersecurity defenses, Chief Security Architect Martin Roesch says.
Kaspersky Lab has discovered a new, advanced persistent threat - inside its own networks. Dubbed Duqu 2.0, the malware has ties to Stuxnet, and was used to target Iranian nuclear negotiations, researchers say.
If you look at recent breaches, you see a common thread: If privileged identities were better managed, breach impacts would greatly lessen. Bill Mann of Centrify discusses the essentials of privileged ID management.
For Symantec, the investigation into the Duqu 2 began May 29, when Kaspersky Lab shared samples of the espionage malware - which is based on Flame and Stuxnet - and asked the security researchers to help verify its findings.