Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled? BitSight's Stephen Boyer offers insight.
A team of hackers has been operating since at least 2001, wielding malware that even today is among the most advanced attack code to have ever been discovered, according to a new study. Security experts are debating whether the NSA could be involved.
The Anunak/Carbanak gang continues to rob financial services firms and retailers, in part with ATM malware. A new report says the cybercrime gang has stolen up to $1 billion from banks in Russia, the U.S. and beyond.
Europe's vaunted data protection regulations - now 20 years old - are in desperate need of an update. In 2012, EU officials proposed extensive changes to the privacy rules, but they remain stuck in limbo. Here's why.
The White House Summit on Cybersecurity and Consumer Protection late last week served as the stage for more than a dozen companies and trade groups to announce new initiatives aimed at securing Internet transactions and payments and reducing fraud.
Enterprise IT administrators are being urged to immediately patch a flaw that affects every Windows system released for the past 15 years. Attackers could remotely exploit the flaw to take control of a device and run any code of their choice.
As hack attacks, such as the breach of Anthem Inc., become more common, it's more critical than ever for organizations to carry out an "adaptive defense model" to protect sensitive information, says Dave Merkel, chief technology officer at FireEye.
In a landmark decision, a British tribunal ruled that a U.K. intelligence agency broke the law by secretly using surveillance data collected by the U.S. National Security Agency. The ruling could have U.K. and U.S. repercussions, privacy experts say.
As health insurer Anthem's breach investigation progresses, some news reports are already pointing the finger at Chinese hackers as the possible culprits. But in this early stage of the investigation, security experts urge skepticism about attribution.
An upcoming series of summits on fighting financial fraud and mitigating advanced persistent threats will provide timely insights from industry thought leaders on the critical steps to take to address emerging risks.
Russian and European malware and spam purveyors have been hijacking Internet routes. Pending a massive infrastructure upgrade, security experts warn that such attacks can be detected, but not easily blocked.
A new report claims that Russian hackers, using spear-phishing attacks, breached the Sony Pictures Entertainment network by November 2014. But it's not clear whether they were responsible for the "G.O.P." attacks attributed by the FBI to North Korea.