The APT gang known as Darkhotel quickly tapped a Hacking Team exploit for Flash, Kaspersky Lab reports. But the gang's ongoing trickery shows that organizations must do more than just patch against the latest threats.
The U.S. Department of Justice has announced charges against nine people suspected of running an international insider-trading and hacking scheme predicated on stealing confidential press releases before publication.
As a report surfaced that Chinese spies read the private emails of top Obama administration officials, the Pentagon revealed it had restored the unclassified email network used by the Joint Chiefs of Staff, brought down two weeks ago following a purported Russian breach.
A $46.7 million fraud scheme that hit Ubiquiti Networks Inc. shows the new & improved face of wire fraud - and just how easy it is for cybercriminals to fool employees into helping to pilfer their own enterprises.
A new report says the Department of Health and Human Services has several security weaknesses that may have contributed to five recent data breaches. But are other healthcare entities guilty of the same mistakes?
Carphone Warehouse, a U.K.-based mobile phone retailer, is investigating a cyber-attack that may have breached personal information associated with up to 2.4 million customers, and card data linked to 90,000 accounts.
With the federal government clearly in the bullseye of hackers, the Department of Veterans Affairs is revamping its cybersecurity strategy under its new CIO, LaVerne Council, who took over the job last month.
Neiman Marcus has asked a federal court to reconsider its decision to allow a consumer class-action suit to go to trial. If the retailer fails, legal experts say, it could mean a costly setback for breached entities.
Millions of Android devices are at risk from "Certifi-gate," a flaw that OEMs must patch, Check Point warns. Following Stagefright, Google and some manufacturers have promised to deliver monthly Android patches.
Nothing says "you really screwed up" like receiving the Pwnie Award for "Most Epic Fail" at the annual Black Hat conference. Hence it's no surprise that in the wake of its mega breach, the win goes to the U.S. Office of Personnel Management.
Medical billing company Intermedix, part of Advanced Data Processing, faces a lawsuit in the wake of a breach that resulted in a prison sentence for a former employee who pleaded guilty in a tax fraud case. Find out more about this unusual suit targeting a business associate.
Numerous services are enabled by default in Microsoft's Windows 10, and as employees connect their BYOD equipment to corporate networks, the cloud, collaboration and location tie-ins could pose enterprise security risks, experts warn.
Privacy advocates in the Senate will get their chance to introduce amendments to the Cybersecurity Information Sharing Act. But a deal struck by Senate leaders means they must wait till after Labor Day as lawmakers head home for their August holiday.
Enough talk about the cybersecurity skills gap; it's time for a new strategy for filling it, says ISACA's Eddie Schwartz. The new CSX Practitioner certification is a step in the right direction, he says.