British police have re-arrested Lauri Love, who's been charged with 2012 and 2013 hack attacks against U.S. government computers, including systems operated by the Federal Reserve, U.S. Army and NASA. But Love plans to fight extradition.
Does your organization really have a clear idea of what measures your business associates are taking to safeguard your most sensitive data? Yet another breach, this one affecting Arkansas Blue Cross Blue Shield, points to the risks.
With so much stolen PII available to fraudsters, it's time for banks and others to move to more sophisticated forms of authentication of customers' identities. Knowledge-based authentication is no longer reliable.
The GAO expects to make recommendations this fall for how enrollment controls on HealthCare.gov can be improved after a recent "undercover" test determined it was easy for 11 fictitious applicants to fraudulently enroll in subsidized Obamacare coverage.
After jumping by 33 percent in 2014, the number of Americans who consider themselves IT security professionals has remained flat for the first half of 2015, according to an examination of federal government employment data. That's bad news for employers seeking IT security pros to hire.
Blue Cross and Blue Shield plans' offer of extended ID protection to the more than 106 million individuals covered by their insurance could set new expectations for breach response, some security experts, including Ann Patterson, predict.
At a hearing on the role the Interior Department played in a recent breach at the Office of Personnel Management, the Interior deputy inspector general painted a picture of how a hacker might have breached the agency's computer system.
An international police operation has resulted in charges being filed against dozens of suspected cybercriminals, as well as the shuttering of the infamous hacking forum Darkode. But will the operation take a serious bite out of cybercrime?
Security researchers reported a zero-day bug to Microsoft - which has patched the flaw - after reverse-engineering details were contained in a bug hunter's sales pitch to hacked surveillance software vendor Hacking Team.
After the OPM breach, the U.S. and China recently agreed to hammer out a cyber "code of conduct." But John Pescatore, a director at the SANS Institute, argues that governments would be better served by first jointly combating cybercrime.
The OPM breach is not just the biggest in U.S. government history. It's also likely a classic case of third-party risk management, says Jacob Olcott of BitSight Technologies. What are the key lessons to be learned?
Shed a tear for enthusiasts of aging Microsoft Windows operating systems. That's because Microsoft has now retired Windows Server 2003 support, as well as anti-virus scanner and signature updates for Windows XP. But breaking up can be hard to do.
To prepare for any type of information security audit, healthcare organizations must be ready to precisely demonstrate how they are assessing, prioritizing and mitigating risks, as a recent state audit of Roswell Park Cancer Institute reinforces.
With Microsoft ceasing support for Windows Server 2003, security experts are warning organizations to quickly migrate to a new operating system and, in the meantime, lock down any servers that continue to use the aging operating system.