The Department of Homeland Security, which missed meeting last week's deadline for submitting a new cybersecurity strategy to Congress, could be months away from providing lawmakers with that policy, a top DHS cybersecurity official says.
Google has run out of patience with Symantec's digital certificate business. It has outlined a plan that over time will have its Chrome browser reject all of Symantec's existing digital certificates and force all of its future certificates to be reissued every nine months.
WikiLeaks has released a second batch of CIA attack tools, dubbed Dark Matter, which includes malware designed to exploit Mac OS X and iOS devices. But Apple contends the attacks target vulnerabilities in its software that have long been patched, so users are not at risk.
With the rapid changes in the threat landscape and the risks introduced by DevOps, the cloud and other new elements, organizations need to have a continuous vulnerability assessment program as a security baseline, says Richard Bussiere of Tenable Network Security.
Cloud services firm Coupa is one of the latest business email compromise victims, after a fraudster pretending to be its CEO faked out the HR department and stole all of its 2016 employees' W-2 forms. Security experts say rigorous training remains the only viable defense.
As WikiLeaks reaches out to firms about code targeted via CIA attack tools contained in the "Vault 7" document dump, Cisco says its review of the leaked information led to the discovery of a zero-day flaw that affects 318 of its devices, including numerous switches.
Some medical devices, smartphones and internet of things gadgets contain certain types of sensors that are vulnerable to potential hacking using sound waves, says cybersecurity researcher Kevin Fu, who calls on manufacturers to address the risks.
High-pressure. Fast-paced. Threats coming from all directions. The battle against payment fraud isn't unlike the game of basketball. Wire fraud and ACH fraud are on the rise, and financial institutions cannot be slow on the defense - to win, they must detect fraud in real-time.
Banking channels through which...
Britain's GCHQ intelligence agency dismissed as "utterly ridiculous" claims that it conducted surveillance on then-candidate Donald Trump at the request of President Obama. The White House reportedly apologized to the British government for its comments.
Historically, the only way organizations could come close to capturing high-fidelity data about what's happening on their network was to invest in a packet capture system.
That's so yesterday.
Full packet capture systems were never designed to facilitate the detection or investigation of advanced threat actors....
In this white paper, Fidelis Cybersecurity will outline key steps to take in the first 72 hours of detecting an alert, how to distinguish what type of incident you are facing and the key differences on how to respond. Based on our firsthand experience, we provide lessons learned from the front lines to explain why it...
FBI Director James Comey worries about data corruption, and he's focused on hackers altering data. But if government leaders feed false information into computer systems, what should IT and IT security practitioners do to protect data integrity?
Leading the latest edition of the ISMG Security: A deep dive into the WikiLeaks release of thousands of documents that appear to lay open in detail the CIA's computer hacking techniques Report. Also, tackling the rise of attacks targeting the internet of things.
Security product testers have architectured their test suites to adhere to the technologies of the past 10 years. However, as endpoint security and the threat landscape continue to evolve, so must testing suites evolve as well. Advanced methodologies and a more robust testing criteria are essential to keep...
The latest version of the Trump administration's draft cybersecurity executive order would direct the federal government to take a risk-based approach to IT security and hold agency heads responsible for the security of their organizations' IT assets.