Sometimes language barriers can be a good thing: Many malware-wielding cybercriminals have historically targeted users in North America and Europe over Japan, owing to linguistic challenges. But that's changing.
Law enforcement and intelligence agencies will have plenty of chances to snoop on criminals, terrorists and citizens even as communications vendors enable default encryption on mobile devices, a study from Harvard University says.
A new methodology for assessing whether a medical device cybersecurity issue is likely to pose a danger to patients should be available later this year, says cybersecurity researcher Billy Rios in this in-depth interview.
Mobility and IoT are acknowledged by security practitioners to be a whole different beast when it comes to management. MetricStream's French Caldwell says that GRC likewise needs to change its paradigm to accommodate this disruption.
The U.S. government's intrusion detection and prevention program known as Einstein has limited ability to detect breaches of federal information systems, according to a new Government Accountability Office report.
When is a breach not a breach? When you can prove that sensitive data has not been accessed - even off a lost or stolen device. And the way to ensure that, says former prosecutor Stephen Treglia, is through Absolute Data & Device Security.
Financial losses tied to fraud against bank accounts increased about 12 percent from 2012 to 2014, but banks are not to blame. To the contrary, the ABA argues that banks are actually making significant strides in their fraud prevention efforts.
Congressman Will Hurd has a simple request for U.S. government agencies: Have you been using vulnerable Juniper Networks devices? But Congress needs to consider tougher questions about its culpability in this backdoor debacle.
Global restaurant chain Wendy's is investigating a suspected data breach following fraud patterns tied to credit and debit cards used at some of its locations. Two card issuers confirm that they've seen signs of related fraud in some U.S. regions.
Cybercriminals are in mourning after the shocking announcement from Oracle that it will deep-six its beloved Java Web browser plug-in technology, owing to browser makers failing to support "standards based" plug-ins.
Israel has reportedly foiled a "severe cyberattack" launched against the Israeli Electricity Authority. The malware attack doesn't appear to have resulted in any disruption to the country's power grid, but many government systems remain offline.
Insurer Centene Corp.'s loss of unencrypted hard drives storing information on nearly 1 million individuals raises the issue of when encryption is appropriate and points to the need for all organizations to improve their tracking of IT inventory.
How many networking vendors - like Juniper - have been selling devices with backdoors attackers could use to intercept and decrypt communications? Some networking giants say they've launched code reviews. But why are eight vendors staying silent?
Networking giant Fortinet warns that more products than it initially suspected have a hardcoded password that attackers could abuse to remotely gain backdoor access to vulnerable devices. But why did the flaws take so long to be found?