Over the last six months, the University of Vermont Medical Center has seen a spike in phishing attempts, including those laced with malware in an attempt to steal credentials, says CISO Heather Roszkowski, who describes her defensive efforts.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
When IT veteran Branden Spikes founded his own company devoted to isolating browsers from attacks, he thought building the technology would be the top challenge. The venture capital community proved him wrong.
The Anunak/Carbanak gang continues to rob financial services firms and retailers, in part with ATM malware. A new report says the cybercrime gang has stolen up to $1 billion from banks in Russia, the U.S. and beyond.
The Anthem breach, which possibly started with a phishing campaign, is a prime example of how hackers are perfecting their schemes to target key employees who have access to valued information, says Dave Jevans of the Anti-Phishing Working Group.
Anthem believes that the breach that has exposed up to 80 million individuals' information possibly began after a handful of employees fell victim to a phishing attack. Other attackers appear to be using the breach as a lure for their own phishing campaigns.
Lawmakers are more serious than ever about cybersecurity legislation. Their intent is to enact, but can they compromise on legislation to share cyberthreat information and nationalize data breach notification?
In addition to 56 million payment cards being compromised in the Home Depot data breach, approximately 53 million e-mail addresses also were stolen, the retailer reported in an investigation update on Nov. 6.
Amsterdam is again playing host to the annual Black Hat Europe information security gathering, and presenters have promised to cover everything from privacy flaws in wearable computers to two-factor authentication system failures.
Google says just 2 percent of the recent dump of nearly 5 million credentials to Russian cybercrime forums contained valid Gmail username and password combinations. But anyone who reused the same passwords on other sites remains at risk from hackers.
A new impersonation scheme is taking aim at business executives to perpetuate ACH and wire fraud, says Bank of the West's David Pollino, who explains steps institutions should take now to protect their customers.
On Christmas Eve, Target issued a warning about phishing scams linked to its breach recovery efforts. In response, the retailer says it is launching a dedicated resource page on its website for official communications.