Amidst finger-pointing over responsibility for the $81 million online theft from Bangladesh Bank, SWIFT has issued its first-ever information security guidance to banks, telling them that they're responsible for securing their own systems.
Russian email service Mail.Ru says its users' credentials contained in data leaked to Hold Security are 99.982 percent invalid, leading it to slam the security firm for stoking "media hype." But Hold Security's CISO contends the leak contains valid email addresses that could be used for phishing and spam.
The section chief of the FBI's Cyber Division says "the FBI does not condone payment of ransom," in part because it enables criminals to victimize others. Instead, the bureau continues to urge all potential victims to get their IT house in order.
The U.S. government is actively disrupting - rather than just monitoring - computer systems, networks and communications technologies used by the jihadi fighters known as ISIS, ISIL or Daesh, according to a news report.
Epic Systems' successful lawsuit against India's Tata Consultancy Services raises many security questions. For example, why did Epic find out about the allegedly inappropriate downloading of trade secrets from an external whistleblower, rather than as a result of internal detection efforts?
The scant - if not conflicting - details and sourcing attached to a recent news report on how the FBI cracked an iPhone 5c have left information security experts questioning both technical details and related agendas.
Backed by its own logo, Badlock refers to a set of critical Samba vulnerabilities in Windows and most Unix/Linux operating systems, which attackers could exploit to launch man-in-the-middle attacks against corporate networks.
The massive "Panama Papers" data leak apparently was enabled by a law firm failing to have the right information security defenses in place. The breach calls attention to the need for all organizations to encrypt sensitive data, use access controls and monitor access patterns for signs of data exfiltration.
In the world of the extended enterprise, everybody seeks greater visibility into network activity. But Gidi Cohen was there in 2002, founding Skybox Security to provide analytics to improve cybersecurity. Cohen discusses the evolution of visibility.
We all realize that the black hats are typically a step ahead of the white hats. But do we accept that our own security controls are contributing to the deficit? Sam Curry of Arbor Networks describes how security leaders can regain their lead in this video interview.
The volume and complexity of online attacks continue to increase, which creates a challenge for information security managers, says Darrell Burkey, director of product management for Check Point Software Technologies, in this video interview.
For years, Wade Baker was one of the main forces behind the industry's most noted data breach investigations report. Now, as vice president of strategy and analytics at ThreatConnect, he has the chance to practice the lessons he's learned, as he explains in this video interview.
DDoS attacks are on the rise, and they come across multiple vectors. In this video interview, Paul Nicholson of A10 Networks describes how organizations can defend against DDoS - and why SSL traffic inspection is a must.
Threat response is a lot like physical fitness. Enterprises know what they need to do - they often just opt not to do it. RSA's Rashmi Knowles offers advice on how to move from threat prevention to response.
Phil Reitinger, president of the Global Cyber Alliance, wants to make one thing clear: This new group is not a coalition of the willing; it's a coalition of the angry. How, then, does the alliance plan to channel its powerful energy? Find out in this video interview.