There are two Yahoo conspiracy theories: It was hacked by a "state-sponsored actor," and it disabled email forwarding to prevent a post-breach exodus. Although neither scenario appears to be true, that doesn't mean the badly breached search giant is in the clear.
IoT devices running the authentication protocol OpenSSH are being compromised and used as proxies in attacks that aim to take over accounts at popular web services, according to new research from Akamai.
The internet of things is being compromised by malware-wielding attackers exploiting default credentials baked into devices. What will it take for manufacturers to ship devices that are secure by default?
Fancy Bear strikes again: the suspected Russian hacking group released confidential medical records for four U.S. Olympic athletes, falsely contending the documents prove illegal drug use by the Olympians.
A new research project called Amnesia tackles the password management problem by not storing full data in any one place where it can be hacked. But does this proposed solution truly offer better password security?
The breach of an offshore account owned by Union Bank of India is raising new questions about the security of interbank payments, which often rely on antiquated backend verification processes that fraudsters seem to be compromising with relative ease.
An investigative report from Reuters paints a disturbing picture of the Federal Reserve Bank of New York using antiquated security practices to safeguard interbank SWIFT payments. Here's how security experts say interbank transaction security must be improved.
Cybercriminals are sneaking banking Trojans onto systems via the legitimate remote-access tool Ammyy Admin, researchers at Kaspersky Lab warn. The attacks are a reminder to watch for legitimate applications that may have been Trojanized.
A recent interview about Hillary Clinton's email server controversy drew numerous comments, with respondents divided over whether users will devise ways to circumvent systems safeguards to do their jobs more effectively. Join the conversation.
Endpoint protection vendors compete fiercely for customers, and allegations of impropriety are common among rivals. The latest battle pits Sophos against Cylance. Whose version of the story is the truth?
While malware may be used for an initial attack, hackers quickly begin using tools to move around networks that often don't raise suspicion. Here's what to look out for to detect a "low and slow" attack.
In the wake of a majority of British voters opting to leave the European Union, the U.K. Information Commissioner's Office argues that the country should still comply with the EU's data privacy rules. But will politics get in the way?
Dropbox is keeping a close eye on the latest news reports of big-name, big-data breaches, but says the reported hackers are bluffing when claiming to have compromised and obtained the web storage service's data.
Akamai warns of a rash of less sophisticated attempts to extort companies by threatening to strike with distributed denial-of-service attacks, which can be expensive for organizations to defend against.