The "Bolware" malware gang has used Web injection and "man-in-the-browser" techniques to steal up to $3.75 billion. The attack campaign demonstrates how easily attackers anywhere in the world can commit browser-based fraud.
Oracle has stopped supporting XP, but promises the next update for Java 7 -- though not Java 8 -- will still run on XP. But for how long will this continue? Security experts chart XP's "downward spiral."
A hacker who pleaded guilty to infiltrating law enforcement computer networks across the U.S. has been charged once again, this time with breaching a helpdesk company that supports companies such as Twitter.
From Neiman Marcus to P.F. Chang's, 2014 has shaped up to be the 'Year of the Data Breach.' What lessons can be gleaned from the trenches of breach investigation? Experian's Michael Bruemmer shares tips.
The "Energetic Bear," a.k.a. "Dragonfly," hacking campaign targets U.S. and Western European energy firms. While the hackers appear to be backed by Russia, the purpose of their attacks remains unclear.
Microsoft launched a botnet-focused takedown effort that didn't just block small-scale campaigns tied to two pieces of malware, but also resulted in an estimated 4 million legitimate site names being disrupted.
Using big data to fight fraud is a challenge for most organizations. Andreas Baumhof of ThreatMetrix explains how context-based authentication combines fraud and security to leverage the use of big data.
As Keith Alexander tells it, when he led the National Security Agency, he didn't exist. Alexander discovered that 'fact' after he retired on May 21 as director of the NSA and commander of the Cyber Command and began shopping to buy a new home.
Thefts of iPhones in New York, San Francisco and London declined after Apple added a remote-disabling feature. Now Google and Microsoft have promised to offer the feature in their mobile operating systems.
If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
Infrastructure security used to be more manageable. But it's far more complex in today's cloud environment. Carson Sweet of CloudPassage shares insight and strategies to improve cloud infrastructure security.