Information security experts are questioning the accuracy of a news report that claims Sony Pictures Entertainment is attempting DDoS attacks to disrupt sites that are providing copies of stolen Sony data.
The so-called Red October APT gang may have emerged from hiding. Two research firms report finding advanced attacks that target firms across the financial, oil and engineering sectors, as well as government embassies, primarily in Eastern Europe.
Security experts see the FIDO Alliance's release of two universal authentication specifications as a positive move in the effort to eliminate passwords. But the standards' impact will be minimal unless they're widely adopted.
A recent blog post by Managing Editor Mathew J. Schwartz, "Why Are We So Stupid About Passwords?" raised a number of issues about the ongoing risks involved in using passwords for authentication. Read the strong reaction to the commentary and join the conversation.
A new version of the Destover malware includes a legitimate certificate from Sony. But a researcher claims it's a hoax. Meanwhile, new evidence emerges that the hackers who attacked Sony Pictures Entertainment had criminal - not nation-state - intentions.
Security experts are sounding warnings that a flaw known as POODLE, revealed Oct. 14, can now be used to decrypt some Internet communications secured using TLS. Vendors have begun describing workarounds and issuing patches.
Payment solutions provider Charge Anywhere is warning merchants and cardholders of a data breach that may have exposed information related to payment card transactions dating back as far as Nov. 5, 2009.
Ten months after NIST issued a draft report proposing changes on how it develops cryptographic standards, following reports that the NSA tampered with a NIST cryptographic algorithm, the institute has yet to finalize that guidance.
Federal regulators are sending a powerful message about the importance of applying software patches by slapping an Alaska mental health services providers with a $150,000 HIPAA sanction. Learn what's included in the corrective action plan.
The "wiper" malware attack against Sony Pictures Entertainment has numerous commonalities with previous wiper attacks in Saudi Arabia and South Korea. This infographic summarizes the attacks and highlights their similarities.
Like the Target breach a year ago, the Sony Pictures Entertainment hack that's grabbed recent headlines will prove to be a catalyst for change, grabbing the attention of CEOs and board members and spurring them to beef up information security.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
TD Bank has agreed to a second state settlement tied to a data breach involving the loss of two backup tapes that may have exposed information about 260,000 customers. Find out the size of the latest financial penalty.
The hacking gang Lizard Squad has claimed credit for knocking Sony's PlayStation Network offline. Meanwhile, investigators continue to suspect North Korea may have launched the recent, "unprecedented" hack of Sony Pictures Entertainment.