A recent blog post by Managing Editor Mathew J. Schwartz, "Why Are We So Stupid About Passwords?" raised a number of issues about the ongoing risks involved in using passwords for authentication. Read the strong reaction to the commentary and join the conversation.
A new version of the Destover malware includes a legitimate certificate from Sony. But a researcher claims it's a hoax. Meanwhile, new evidence emerges that the hackers who attacked Sony Pictures Entertainment had criminal - not nation-state - intentions.
Payment solutions provider Charge Anywhere is warning merchants and cardholders of a data breach that may have exposed information related to payment card transactions dating back as far as Nov. 5, 2009.
The "wiper" malware attack against Sony Pictures Entertainment has numerous commonalities with previous wiper attacks in Saudi Arabia and South Korea. This infographic summarizes the attacks and highlights their similarities.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
Except for the leak of celebrities' private data, the "wiper" malware attack against Sony Pictures Entertainment shares "extraordinary" similarities with previous wiper attacks in Saudi Arabia and South Korea, a security researcher finds.
At a time of growing anxiety over cybercrime, especially among businesses victimized by cyber-attacks, the Justice Department is creating a cybersecurity unit aimed, in part, to better engage the private sector to battle online crime.
A remote-access attack that compromised a parking facility provider with locations in Illinois, Pennsylvania, Ohio and Washington highlights how commonly used point-of-sale terminal and software brands are increasingly being exploited by hackers.
The destructive code that was used to infect and erase hard drives at Sony Pictures Entertainment - and which apparently was the subject of a recent FBI "flash alert" - has been identified as "wiper" malware known both as Destover and Wipall.
Who hacked Sony? Not us, say the North Koreans, ending days of silence. As Deloitte becomes the latest victim of the G.O.P. gang that's claimed credit, one thing is certain: Sony won't have to buy the movie rights to this hacking story.
For the first time since 2010, the FFIEC has released updated guidance about Bank Secrecy Act compliance requirements and money-laundering risks. As a result, a fraud expert says banks should brace for more regulatory scrutiny in early 2015.
Following a "Flash Alert" from the FBI, organizations must mitigate the risk posed by dangerous "wiper" malware attacks designed to erase hard drives. Malware expert Roel Schouwenberg offers strategic advice.
In the wake of the FBI issuing a warning that a U.S. business, reportedly Sony Pictures Entertainment, has been attacked using a dangerous form of "wiper" malware, security experts weigh in on the news and offer mitigation advice.
A new report from FireEye about the emergence of cyber-attacks aimed at the accounts of executives at publicly traded corporations for the purpose of "obtaining an edge" in stock trades has raised some questions among financial fraud experts.
A confidential FBI "flash" alert is warning of "wiper" malware attacks - that delete hard drive content - against U.S. businesses. Security experts say the alert is tied to the hack of Sony Pictures Entertainment, which may be linked to North Korea.