Two new malware reports - one from security researchers at technology giant Cisco, another from cybersecurity firm FireEye - demonstrate how developers continue to refine malicious code to maximize information-stealing and extortion potential.
A former U.S. State Department employee has pleaded guilty to running a "sextortion" scheme from the U.S. Embassy in London that was designed to compel young women to share sexually explicit photographs, according to the FBI.
Australian police have raided the Sydney home of cryptographer and entrepreneur Craig Wright, who's been named as being the suspected creator of the bitcoin cryptocurrency. Has the real "Satoshi Nakamoto" finally been unmasked?
Dorkbot - one of the world's most prevalent crimeware toolkits - has been disrupted by an international law enforcement and security research firm effort. But similar previous disruptions have failed to eradicate the malware.
Turns out electronic learning products can be bad for children's privacy - and for their parents too. The VTech breach highlights how, despite repeated warnings, too many manufacturers continue to not take security seriously.
Malware: How does it work, who built it and what - or who - is it designed to target? Answering these types of questions is a job for Marion Marschalek of Cyphort, who reverse-engineers malicious code for a living.
As the U.S. moves toward faster payments, it must include new payments providers, such as Apple Pay and Square, as well as banks in all efforts to ensure security, says David Lott of the Federal Reserve Bank of Atlanta.
While cyberattacks will continue to menace healthcare and other business sectors next year, organizations can't afford to overlook addressing risks tied to insiders, who are responsible for most data breaches, says Michael Bruemmer of Experian Data Breach Resolution.
Business email compromise attacks are becoming more sophisticated and pervasive, and smaller businesses in English-speaking countries are proving to be the most common targets, says PhishLabs' Joseph Opacki, who calls on banks to show customers examples of the schemes.
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
TalkTalk's confusion in the wake of its recent data breach, as well as mangling of technical details and failure to encrypt customer data, demonstrate the importance of having an incident-response plan ready in advance of any breach, experts say.
The surge in data breaches has left millions of consumer records compromised. As a result, fraudsters have all they need to open bogus accounts, which cost banks huge losses linked to what Greg Shelton of LexisNexis Risk Solutions calls "sleeper fraud."
Too many security awareness and education programs fail because they're boring, says Lance Spitzner, research and community director for the SANS Institute's "Securing the Human" program. Read his suggested fixes.
As the unfolding investigation into the Paris attacks shows, just sharing threat-related data - without adding the crucial context that turns it into actionable intelligence - won't help organizations block attacks.
Starwood Hotels and Resorts has confirmed a point-of-sale breach, but card issuers say they don't believe the Starwood breach is isolated, and that fraud patterns indicate that another, perhaps larger breach, is impacting cards across the country.