Security experts see the FIDO Alliance's release of two universal authentication specifications as a positive move in the effort to eliminate passwords. But the standards' impact will be minimal unless they're widely adopted.
A recent blog post by Managing Editor Mathew J. Schwartz, "Why Are We So Stupid About Passwords?" raised a number of issues about the ongoing risks involved in using passwords for authentication. Read the strong reaction to the commentary and join the conversation.
A new version of the Destover malware includes a legitimate certificate from Sony. But a researcher claims it's a hoax. Meanwhile, new evidence emerges that the hackers who attacked Sony Pictures Entertainment had criminal - not nation-state - intentions.
It's been a year since the Target breach called attention to the need to ramp up cybersecurity at U.S. retailers. Here's a look at seven important lessons learned since then.
Security experts are sounding warnings that a flaw known as POODLE, revealed Oct. 14, can now be used to decrypt some Internet communications secured using TLS. Vendors have begun describing workarounds and issuing patches.
Ten months after NIST issued a draft report proposing changes on how it develops cryptographic standards, following reports that the NSA tampered with a NIST cryptographic algorithm, the institute has yet to finalize that guidance.
The "wiper" malware attack against Sony Pictures Entertainment has numerous commonalities with previous wiper attacks in Saudi Arabia and South Korea. This infographic summarizes the attacks and highlights their similarities.
Like the Target breach a year ago, the Sony Pictures Entertainment hack that's grabbed recent headlines will prove to be a catalyst for change, grabbing the attention of CEOs and board members and spurring them to beef up information security.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
When you're thinking about securing your data assets and web site, how do you really know the value of what you're protecting? Akamai's Terrence O'Connor shares how to determine the cost of a data breach.
Lawmakers and their staffs are working behind the scenes to get one or perhaps two pieces of cybersecurity legislation enacted before the 113th Congress adjourns this month. But passage remains a longshot.
Technology will always play a critical role in security. Yet, companies cannot rely exclusively on the tools. People present a number of security-related problems that companies must address with education.
A remote-access attack that compromised a parking facility provider with locations in Illinois, Pennsylvania, Ohio and Washington highlights how commonly used point-of-sale terminal and software brands are increasingly being exploited by hackers.
The destructive code that was used to infect and erase hard drives at Sony Pictures Entertainment - and which apparently was the subject of a recent FBI "flash alert" - has been identified as "wiper" malware known both as Destover and Wipall.
Who hacked Sony? Not us, say the North Koreans, ending days of silence. As Deloitte becomes the latest victim of the G.O.P. gang that's claimed credit, one thing is certain: Sony won't have to buy the movie rights to this hacking story.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.