Cloud computing providers must step up and develop approaches to prevent their employees from stealing or harming customer data they host, say two experts from Carnegie Mellon University's CERT Insider Threat Center.
How could global fraudsters steal $45 million from banking institutions without being detected or stopped? It's a process breakdown, not a technology failure, says fraud expert Avivah Litan of Gartner.
A recent spear-phishing attack involving a Trojan designed to target Android devices offers an important reminder of the emerging threat of mobile malware, says Kaspersky Lab researcher Kurt Baumgartner.
A Defense Department report to Congress says China could use the targeted information to benefit its defense and high-technology industries as well as give Chinese policymakers a clear picture of U.S. leadership thinking on key China issues.
Mark Weatherford, who recently stepped down as DHS deputy undersecretary for cybersecurity, says that although planned OpUSA DDoS attacks may initially be a nuisance, they represent a genuine long-term threat to the government.
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
If the hacking community judges the planned OpUSA cyber-attack a success, it could spur more nefarious actors to try more vicious disruptions of U.S. websites, a Department of Homeland Security alert says.
In assessing the risk of a distributed-denial-of service attack, organizations must think beyond shoring up systems' perimeters and concentrate on analyzing cyberthreat intelligence, Booz Allen Hamilton's Sedar Labarre says.
Anonymous says its OpUSA attack planned for May 7 aims to 'wipe' government and banking websites from the Internet. Security experts say the threat is real, but are U.S. organizations taking it seriously?
In this week's breach roundup, read about the latest incidents, including a class action lawsuit against a VA hospital following the loss of a laptop and the discovery of records in an abandoned mental health facility.
Today's spear-phishing campaigns are localized, small and can slip through typical spam filters. As a result, detection practices have to evolve, says researcher Gary Warner of the University of Alabama at Birmingham.