A comprehensive review of security at the Utah Department of Health conducted in the aftermath of two data breaches, including a hacker attack, found 39 "high-impact" weaknesses. But experts say many of the cited shortcomings are common at other organizations.
Law enforcement and intelligence agencies will have plenty of chances to snoop on criminals, terrorists and citizens even as communications vendors enable default encryption on mobile devices, a study from Harvard University says.
British bank HSBC warned customers on Jan. 29 that it's been defending itself against distributed denial-of-service attacks, just two days before a major U.K. tax deadline. Security experts say botnet-driven disruptions of U.K. sites have risen sharply.
The U.S. government's intrusion detection and prevention program known as Einstein has limited ability to detect breaches of federal information systems, according to a new Government Accountability Office report.
Global restaurant chain Wendy's is investigating a suspected data breach following fraud patterns tied to credit and debit cards used at some of its locations. Two card issuers confirm that they've seen signs of related fraud in some U.S. regions.
New security technologies don't keep fraudsters from stealing money; they just cause them to shift to new methods, says Jodi Selby of Bankers Trust. In this video interview, she offers a case study on how to best respond to evolving fraud schemes.
Israel has reportedly foiled a "severe cyberattack" launched against the Israeli Electricity Authority. The malware attack doesn't appear to have resulted in any disruption to the country's power grid, but many government systems remain offline.
Insurer Centene Corp.'s loss of unencrypted hard drives storing information on nearly 1 million individuals raises the issue of when encryption is appropriate and points to the need for all organizations to improve their tracking of IT inventory.
Cyber-extortion attacks, especially those involving DDoS gangs that threaten disruptions unless the targeted organization pays a bitcoin ransom, are on the rise. Experts describe how organizations should respond to - and resist - these attacks.
The Obama administration's initiative to move much of the U.S. federal government's security clearance responsibilities to the Defense Department from the Office of Personnel Management is receiving mixed reviews from security experts and lawmakers.
Networking giant Fortinet warns that more products than it initially suspected have a hardcoded password that attackers could abuse to remotely gain backdoor access to vulnerable devices. But why did the flaws take so long to be found?
Banking institutions and associations are demanding that the Federal Financial Institutions Examination Council make significant changes to its Cybersecurity Assessment Tool. What action, if any, will regulators take in response?