Account takeover techniques are getting more sophisticated; new "account checkers" are helping hackers automate their processes. The trend is just one more reason why we need advanced forms of authentication.
White House Cybersecurity Coordinator Michael Daniel sees significant savings in continuous diagnostics because the automated approach to identifying systems vulnerabilities could replace costly checklist compliance reporting.
In the wake of Arbor Network's recent discovery of a new botnet that's brute-forcing passwords on WordPress sites, security experts, including Nick Levay of Bit9, recommend beefing up password security on web applications.
Three U.S. banks have been targeted by new DDoS attacks that apparently had little impact. As bank defenses improve, some experts say the attackers may shift targets to other industries affecting critical infrastructure.
It's an increasingly common question from CEOs. "How is our security program protecting the business?" Pamela Gupta of OutSecure shares insight on what CISOs should demonstrate when they answer that question.
Today's advanced threats are no secret. Focusing the correct resources on them is the true challenge, says Will Irace of General Dynamics Fidelis Cybersecurity Solutions. He offers tips for harnessing the right skills and technology.
As organizations use social media to grow their online presence, questions of ownership become an increasing concern, says Alan Brill of Kroll, who advises organizations on how to mitigate risks.
Homeland Security Secretary Janet Napolitano has made official what's been known for two weeks: McAfee Vice President Phyllis Schneck will be the next deputy undersecretary for cybersecurity at DHS. She will start her job next month.
One of the biggest influences on Phyllis Schneck, the new Homeland Security deputy undersecretary for cybersecurity, is her father, Paul Schneck, an internationally accomplished computer scientist.
Version 3.0 of the PCI Data Security Standard is coming, and draft guidelines reflect the impact of recent retail breaches. PCI GM Bob Russo explains big changes to ensuring payment card security.
How relevant is customer education? Readers weigh in with thoughtful responses to two recent guest blogs that tackle the question from two perspectives: the education proponent and the critic.
At $1.5 million, it's one of the largest account takeover incidents on record. Attorneys review the Efficient Services Escrow case and ask who will be held responsible - the customer or the bank?
Bruce McConnell, who just stepped down as one of the federal government's top cybersecurity policymakers, says he understands why some lawmakers don't trust DHS with significant authority to safeguard government IT.
While organizations wait for possible cyberthreat intelligence sharing legislation, the community is proactively working to share valuable information among different industries, says MS-ISAC Chairman Will Pelgrin.
The old saw of a blind squirrel fortuitously finding an acorn reminds the Atlantic Council's Jason Healey of cyber-assailants from third-rate cyber-power Iran, believed to be behind DDoS attacks on U.S. banks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.