Everyone's talking about business email compromise, but what they aren't talking enough about is what's at the root of these attacks - spear phishing. Joseph Opacki of PhishLabs discusses how security leaders must respond to the threat.
Despite the focus on external cyberattacks, insider attacks are almost as common and can potentially cause significantly more damage, says Michael Theis of Carnegie Mellon's CERT Insider Threat Center. In a video interview, he describes how science-based models can help organizations fight the battle from within.
HP has agreed to sell its intrusion detection and prevention software unit TippingPoint to security vendor Trend Micro for $300 million. But analysts say Trend Micro faces stiff breach detection and incident response competition.
Someone green-light this drama: Sony, after suffering a massive data breach that led to the leak of personal information and embarrassing corporate emails, has agreed to a data-breach settlement worth up to $8 million.
Bob Carr, CEO of Heartland Payment Systems, contends that not enough progress has been made in improving payments security in the seven years since the processor experienced a massive breach. Find out why he argues that retailers and processors still have much more to do.
As the Senate continues to wrestle with the Cybersecurity Information Sharing Act of 2015, with a vote expected next week, opposition to the bill from some privacy groups and major technology firms, including Apple, is heating up.
European criminals combined cannibalized EMV chips from stolen cards with miniature microprocessors to build fake payment cards that defeated POS security checks, enabling them to steal as much as $680,000, French researchers say.
The size of the information security analyst workforce in the United States rose by nearly 20 percent in the past year, according to an Information Security Media Group analysis of U.S. Bureau of Labor Statistics data.
Attributing cybercrime to specific criminals is becoming increasingly critical, says Eward Driehuis of threat intelligence firm Fox-IT. Using the elusive Dridex campaign as an example, Driehuis explains in this video interview how many malware attacks are interconnected.
Apple has removed hundreds of apps from its App Store for violating its user-tracking guidelines. Chinese mobile advertising firm Youmi has issued "sincere apologies" for the tracking behavior and promised to compensate affected developers.
The FBI and Secret Service are investigating reports that CIA Director John Brennan's personal AOL email account was hacked by an American teenager, who found and leaked sensitive information on top U.S. intelligence and national security officials.
Dow Jones has dismissed a competitor's report, which claims that attackers operating from Russia hacked into the company's servers and stole sensitive financial information for insider-trading purposes.
U.S. merchants that have not yet completed their migration to EMV should brace for upticks in chargebacks from international card issuers, says Gord Jameison, head of Canadian risk services for Visa, in a video interview.