FireEye says Russia's Fancy Bear hackers are targeting hotel guests with a sneaky attack that leaves no traces and steals network credentials. It involves no malware and is virtually impossible to stop.
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
Not so long ago, the information network was a tangible entity to manage and secure. Today, in the age of the cloud and connected devices, network security is a whole new creature. Michael DeCesare, CEO of Forescout, discusses how to respond to this evolution.
NotPetya was not as bad as WannaCry, despite NotPetya being even more sophisticated, and targeting the same EternalBlue flaw that had allowed WannaCry to spread far and fast. Microsoft says NotPetya's builders limited its attack capabilities by design.
A former Qualys customer for more than a decade, Mark Butler is now the company's CISO. And one of his jobs is to help spread the word to other security leaders about the vendor's vulnerability management solutions.
Defense starts with awareness. And Dr. Paul Vixie of Farsight Security says awareness begins with tactical observations that can be gleaned from scanning Internet traffic. Vixie details how real-time contextual data can bolster security.
Worried about the use of encryption by terrorists, Australia plans to lobby its key signal intelligence partners at a meeting in Canada for the creation of new legal powers that would allow access to scrambled communications. But Australia says it doesn't want backdoors. So what does it want?
Opportunistic attackers may have breached some Parliament email accounts by brute-force guessing their way into accounts with weak passwords. But such a breach is hardly the "cyberattack" some are making it out to be.
Infosecurity Europe 2017 in London drew an estimated 18,000 attendees. Here are 13 visual highlights from the annual information security conference, ranging from tchotchkes and keynotes to 19th century architecture and live hacks of internet-connected devices.
In the wake of WannaCry, there's a critical new flaw in Samba, which provides Windows-based file and print services for Unix and Linux systems. Security experts say the flaw is trivial to exploit. US-CERT recommends immediate patching or workarounds.
Target has reached a record settlement agreement with 47 states' attorneys general over its 2013 data breach. The breach resulted in hackers compromising 41 million customers' payment card details and contact details for more than 60 million customers being exposed.
Internet of things devices are vulnerable to an array of potential cyberattacks, including zero-day exploits, distributed denial-of-service attacks and passive wiretapping, according to a new GAO report, which cites mitigation advice from experts.
Hot sessions at this week's OWASP AppSec Europe 2017 conference in Belfast, Northern Ireland, cover everything from the EU's General Data Protection Regulation and fostering better SecDevOps uptake, to quantum-computing resistant crypto and ransomware economics.