A hacking team dubbed "Group 123" with apparent ties to the government of North Korea has been exploiting a zero-day vulnerability in the Flash browser plug-in, likely to hack high-value targets. Adobe has released an emergency Flash update with security fixes. Or organizations could simply stop using Flash.
The struggle is real as DoD moves from DIACAP to RMF. System owners are challenged to adopt technology that can address the more dynamic controls required by RMF.
Learn how to get help from defense agencies to monitor and assess their systems for RMF compliance by automating the gathering, analysis and reporting of...
As banks in the U.S. and Australia grapple with how to effectively launch faster payments, more will turn to big data and machine learning to help better manage expected upticks in fraud, says cybersecurity specialist John O'Neill Jr. of DarkTower.
The Department of Justice has charged two men, arrested in Connecticut near the scene of a jackpotting attack against a drive-up ATM, with bank fraud stemming from a malware attack. Police say they recovered $9,000 in $20 bills, as well a black box and other equipment from the suspects' car.
Apple and Cisco say they've partnered with insurers Aon and Allianz to offer cyber insurance policies for organizations that meet best security practices and use products from the technology companies. The partnership follows increasing interest in cyber insurance as a hedge against hacking risks.
More than half of surveyed organizations were struck by ransomware in 2017. And more than 75 percent of them were running up-to-date endpoint protection. What's the disconnect? Dan Schiappa of Sophos discusses the state of endpoint security.
Healthcare entities are increasingly considering user and entity behavioral analytics tools because their previous breach prevention and detection efforts have fallen short, says security expert Mac McMillan.
A new report from a Veterans Affairs watchdog agency on a guest Wi-Fi network that was set up at a VA medical center without coordination with VA IT officials to ensure security spotlights the risks and challenges that many healthcare entities face with so called "shadow IT."
Russian citizen Peter Levashov, arrested last year while vacationing in Spain, appeared Friday in U.S. federal court to face charges that he owned and operated the Kelihos botnet and distributed spam, banking Trojans and ransomware for profit. Levashov has pleaded not guilty.
Lauri Love, a British man accused of 2012 and 2013 hack attacks against U.S. government computers - including systems operated by the Federal Reserve, U.S. Army and NASA - has won his legal bid to quash a U.S. extradition request. But he still faces a potential trial in England.
Blockchain technology already underpins the boom in cryptocurrencies, but it is also being rigorously tested and developed for other applications, including identity and access management. Such projects could make personal data easier to secure and less vulnerable to data breaches.
Orwell got it wrong: People are less likely to surrender their privacy to a totalitarian state than to the lure of sharing holiday snaps, cat videos or the route and time they took for their latest cycling, jogging or kiteboarding outing, as captured by a wearable fitness device.
The booming interest and sometimes surging values of cryptocurrencies are drawing the interest of cybercriminals on a scale never seen before - including attacks aimed at trying to steal computing power to mine cryptocurrency.
As a long-time security leader, Qualys CISO Mark Butler has watched the evolution of security tools and platforms. The best-of-breed approach still has value, but also has failed us, he says. How can automation and orchestration provide new business value?