Customers increasingly use digital channels to interact with organizations. But these interactions raise new security concerns that must be addressed by IAM solutions, says David Gormley of CA Technologies.
In the wake of the Heartbleed flaw, a researcher finds new weaknesses in OpenSSL that could be exploited to launch man-in-the-middle attacks, distributed-denial-of-service attacks and remote-code execution on millions of sites.
Although breach prevention may be on the minds of more CEOs and boards of directors in the wake of recent incidents, getting their buy-in for funding still requires educating them on the risks that could have an impact on the business.
A proposed UK computer crime bill would increase hacking penalties and criminalize cybercrime attacks that impact the economy, environment or national security. Proving related charges in court, however, could be difficult.
American Express is notifying about 77,000 California cardholders that their personal information and card data has been posted on various websites, with members of the hacktivist group Anonymous taking credit for the breach.
An ongoing APT campaign employs decoy documents to lure potential victims into installing malicious remote-control tools. Targets include at least one bank, the BBC and many U.S. and EU government agencies.
Security researchers say the international takedown of the Gameover Zeus botnet and servers for CryptoLocker ransomware will have a positive short-term impact, but they warn the threats could quickly re-emerge unless key steps are taken.
The total number of employees affected by a breach of financial information at the University of Pittsburgh Medical Center has more than doubled to 62,000 in a case that's resulted in federal income tax fraud and triggered lawsuits.
Local police are investigating a breach involving inappropriate access to about 600 patients' records by a former employee at ProMedica Bay Park Hospital in Oregon, Ohio. Find out what information was exposed.
A number of large federal agencies would like to see the Department of Homeland Security, including its U.S. CERT unit, enhance services to help them address cyber-incidents, according to a new GAO report.
The OpenSSL Project is receiving new funding to support its operations following the Heartbleed exploit that exposed a flaw in the cryptographic tool that's used to provide communications security and privacy online.