Government intelligence agencies' information security offensive capabilities may far outstrip businesses' collective defenses, but organizations can still tap a variety of techniques to defend themselves against many types of intrusions.
In the wake of recent payment card breaches, President Obama is taking steps to speed the adoption of EMV cards. He's also calling on Congress to enact a national data breach notification law and announcing a White House summit on consumer cybersecurity.
Apps for wearable devices that are designed to track a user's pulse rate, blood-oxygen level or location may be leaking that data during transmission, Symantec security researcher Candid WÃ¼eest warns in a Black Hat Europe briefing.
"Cybercrime as a service" and the globalization of attacks are two of the trends noted by cyber-intelligence firm Group-IB in its third annual High-Tech Crime Report. Group-IB's Alexander Tushkanov explains the lessons that can be learned.
Disconnecting systems from the Internet via an "air gap" is supposed to make the data they store harder to steal. But at Black Hat Europe, cryptographer Adi Shamir demonstrated how a laser and drone can be used to bypass air gaps.
The Council of the Inspectors General on Integrity and Efficiency says government data stored on cloud service providers' servers could be at risk because of insufficient enforcement of government rules.
Heartbleed, Shellshock, targeted attacks - the security threats to banking institutions are legion. And there are new ways banks can get better at detecting these evolving threats, says Solutionary's Jeremy Nichols.
Data analytics is reshaping the way financial institutions detect fraud by helping them track customer behavior in real time, says FICO's Anant Nambiar, who'll be a featured presenter at ISMG's Fraud Summit New York on Oct. 21.
TD Bank has agreed to a multi-state settlement in the wake of a 2012 data breach involving the loss of two backup tapes that may have exposed personal information on about 260,000 of the bank's customers. Learn the size of the penalty.
Security experts urge organizations to disable support for SSL on clients and servers because of flaws in the cryptographic protocol that could be used to impersonate website users and decrypt HTTPS traffic.
Knowing how to manipulate a hacker's cultural values could help thwart - or at least slow down - cyber-attacks, says Garet Moravec, a cybersecurity expert who'll speak at ISMG's Global APT Defense Summit on Oct. 22.