When Yahoo first disclosed a massive 2013 breach last year, it said 1 billion accounts appeared to have been compromised. But the search giant, now owned by Verizon, says "new intelligence" has revealed that the breach compromised every single Yahoo account, affecting 3 billion users in total.
A top Department of Homeland Security cybersecurity official says DHS is seeking to play a more active role in responding to cyber incidents at other U.S. federal agencies. At a House hearing, the top DHS policymaker also said securing the U.S. election system is his No. 1 priority.
The latest edition of the ISMG Security Report is devoted to a special report on how enterprises around the world should prepare for the European Union's General Data Protection Regulation, which starts being enforced in May.
A federal criminal case alleges that a former Hewlett-Packard Enterprise Corp. employee shut down Oregon's Medicaid information systems for several hours after he was laid off. Some security experts caution organizations to take steps to minimize risks from workers who are laid off or fired.
A zero-day vulnerability in Apple's built-in password manager can be exploited, allowing attackers to steal all stored credentials in clear-text format, a security researcher warns. The flaw affects the latest version of macOS - High Sierra - plus one or more prior versions.
Artificial intelligence and machine learning are among the top industry buzzwords of the year. But how can AI truly make a significant impact on organizations' cybersecurity operations? Brian NeSmith of Arctic Wolf Networks offers insight.
Organizations are drowning in data, and they cannot even inventory it all - much less secure it. How, then, do they shift to focusing on their most sensitive data? Rob Douthitt of SolarWinds MSP offers new strategies.
Attackers are increasingly hacking into banks' networks to gain access to the IT infrastructure connected to their ATMs, security experts warn. Attackers push malware onto ATMs that's designed to allow money mules to "jackpot" or "cash out" the machines, then delete itself.
It's the age of "open banking," and that means changes for banking institutions and their customers - as well as for the fraudsters. Shaked Vax of IBM Security Trusteer talks about new vulnerabilities and anti-fraud strategies.
Researchers investigating the CCleaner malware outbreak have had a lucky break: The attackers' backup server shows that they pushed secondary malware onto systems at Intel, VMware, Fujitsu and Asus, among others, as part of what appears to be a very targeted attack campaign.
Aetna will move from passwords to continuous behavioral authentication next year on its consumer mobile and web applications for better security and end-user experience, says Jim Routh, the health insurer's CISO.
All the key players of a company's management group, including the CISO, need to be involved in the decision about whether to invest in cyber insurance, says Greg Markell of Ridge Canada Cyber Solutions, a cyber insurer.
Network by network, device by device, today's security threats spread through an organization like wildfire. But Druce MacFarlane of Bricata says security leaders are making fundamental mistakes with their focus on perimeter and endpoint security.