The Department of Homeland security sees malware provenance - which identifies the attributes of malicious codes - as a way to complement its signature-based Einstein intrusion detection and prevention systems to find malware that infects IT systems.
The Internal Revenue Service, for the second time since August, has revised upward the number of accounts victimized in its Get Transcript breach, with the tax agency saying the personal information from as many as 724,000 taxpayers' accounts may have been stolen.
It's been just over a year since health plan Anthem Inc. reported a record-breaking hacker attack affecting nearly 79 million individuals. A number of key lessons have emerged from that breach that other organizations can apply to improve their own data security.
As a result of high-profile breaches, emerging malware threats and increased regulatory scrutiny, CISOs at financial institutions are under more pressure than ever to develop innovative strategies for enhancing cybersecurity. And the CISO's evolving role will be a hot topic at RSA Conference 2016.
The Healthcare Information and Management Systems Society 2016 Conference, slated for Feb. 29 to March 4 in Las Vegas, will offer dozens of privacy and security educational opportunities worth checking out.
The re-emergence of the mobile banking Trojan known as Acecard, which is now threatening a broader range of targets worldwide, highlights the growing risks associated with Android devices and the need for banks and mobile app developers to do more to protect users' accounts.
The PCI Security Standards Council will soon release an update to its PCI Data Security Standard, requiring the use of multifactor authentication for administrators who have access to card data networks. In an interview, the council's Troy Leach explains the new requirements and compliance expectations.
Who's right: Apple or the FBI? Our readers continue to debate a magistrate judge ordering Apple to help unlock an iPhone tied to a San Bernardino shooter, raising such issues as strong crypto, backdoors as well as legal and moral responsibilities.
Leading banking Trojans are expanding their targets, taking aim at industries outside banking to compromise financial accounts and other information, new research shows. And the botnets are proving difficult for law enforcement officials to take down.
We hear a lot about security in regulated verticals such as financial services and telecom. But what are some of the challenges unique to manufacturing? Tata Motor's CISO Uday Deshpande shares insight and recommendations.
Antonin Scalia's replacement could help push the Supreme Court to reinterpret the Constitution's Fourth Amendment to make it harder for the government to surveil citizens online and seize their records stored on servers maintained by cloud service providers.
Warning: Too many voice over IP devices being used in enterprise environments have well-known default passwords or no security at all, thus leaving organizations at risk from covert surveillance and toll-fraud scammers, experts say.
Hong Kong toymaker VTech has revised its end-user license agreement to make clear that it can't be held legally responsible for any data breaches. Many security experts have reacted with fury. But is VTech's move unusual?
Here's more evidence of how a data breach can have a major financial impact. The bill for U.K. telecom giant TalkTalk's October 2015 data breach could be as much as $94 million, and the incident resulted in the loss of 95,000 customers.
The banking malware known as Carbanak continues to evolve, and cybercriminals are now using it to wage APT-style attacks against banks as well as companies in other sectors, according to security researchers at Kaspersky Lab.