All Windows operating systems are at risk from the SSL/TLS vulnerability known as Freak, Microsoft warns. The company has outlined temporary workarounds - except for Windows Server 2003. Experts say no in-the-wild attacks have yet been seen.
British police over the course of this week launched 25 cybercrime-targeting raids and made 57 arrests, including suspects who have been tied to a U.S. Defense Department network intrusion, Lizard Squad attacks, as well as a massive Yahoo breach.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
Weaponized roller coasters? Kidnappers hacking babycams? Forget over-the-top "CSI: Cyber" hacking plots. The hackers behind the Rogers ISP breach, in their quest for bitcoins, claim they wielded nothing more serious than a telephone call.
The CEO of Bit9 speaks from experience: His firm was hacked, sensitive data stolen and customers put at risk. And what's happened since represents his mission to fend off attackers, even as they refine their hacks.
Massive breaches, such as the recent hacker attack on health insurer Anthem, highlight why it's important for organizations to understand their breach notification obligations under state laws as well as HIPAA, says attorney Brad Rostolsky.
Word that Hillary Clinton maintained a personal email server while secretary of state has elevated cybersecurity and privacy as political issues. But it's just the latest example of such issues grabbing the attention of U.S. voters.
Small and mid-size businesses might not be able to afford participating in voluntary programs to share and receive cyberthreat information, as President Obama has proposed, industry representatives tell Congress.
Kevin Greenfield, director of bank IT for the Office of the Comptroller of the Currency, says FFIEC agencies are working to help financial institutions shore up cybersecurity, and a big focus for regulators is third-party risks.
Anthem Inc. has refused to allow a federal watchdog agency to conduct vulnerability scans of its systems in the wake of its recent massive data breach. The health insurer also refused to allow scans by the same agency in 2013.
Many Apple and Android devices are vulnerable to a TLS/SSL "Freak" flaw, which could be exploited to subvert secure Web connections. The flaw is a legacy of U.S. government export restrictions on strong crypto.
A recent incident involving disposed in a vendor's dumpster is an example of why healthcare organizations say business associates taking inadequate security steps ranks as their No. 1 perceived breach threat today.