The banking malware known as Carbanak continues to evolve, and cybercriminals are now using it to wage APT-style attacks against banks as well as companies in other sectors, according to security researchers at Kaspersky Lab.
Federal regulators are proposing changes to regulations governing the data privacy of substance abuse patients. Privacy experts disagree about whether the changes are necessary and practical, or potentially harmful.
Who is responsible for fraud losses resulting from business email compromise? Texas-based AFGlobal Corp. is suing its insurance firm to settle this question. Experts weigh in on the lawsuit and why cyber insurance rarely covers losses from these scams.
Java users are being warned to only use newly released installers to avoid a nasty potential exploit. Meanwhile, a veteran bug hunter questions whether Oracle's move to ditch Java browser plug-ins will have a significant security upside.
The rise in RFID-based contactless payment cards has led to increased concerns that fraudsters could wirelessly crack cards' secret cryptographic keys. But a team of MIT researchers has debuted defenses against such hack attacks.
While the healthcare sector is finally becoming aware of the cyberthreats and risks facing medical devices, new Internet of Things health devices are quickly creating new vectors for cyberattacks, warns cybersecurity expert Tyler Cohen Wood.
In this audio report, hear Homeland Security Assistant Secretary Andy Ozment attempt to assuage concerns raised by some business leaders who fear revealing corporate secrets by participating in cyberthreat information sharing. Others also weigh in on the issues.
The Office of Personnel Management is addressing three cybersecurity deficiencies identified by the agency's inspector general as contributing to a significant data breach, Beth Cobert tells a Senate panel considering her confirmation as the new OPM director.
The trend across industries is that automation results in a drastic reduction of operational job roles, even as it brings in economies of efficiency. What then does automation in security mean for the profession?
"We never negotiate" might be the expectation whenever law enforcement or government agencies get targeted by criminals or even "cyberterrorists." But outside Hollywood, the reality too often turns out to be far less rigid.
For only the second time, federal regulators have slapped a healthcare entity with a civil monetary penalty in a case involving egregious HIPAA violations. Find out why Lincare Inc. was fined after a privacy incident affecting just 278 patients.
The new EU-U.S. data transfer agreement will be called "Privacy Shield." Beyond that, however, the actual details of the agreement - and whether it will pass muster with the EU's privacy commissioners or high court - appear to be a work in progress.
Landry's Inc. now reveals the broad scope of point-of-service malware attacks against its restaurants and other properties dating back to 2014 and 2015. Experts discuss factors that could have contributed to the breaches.
It's the ultimate challenge for government agencies: How can they be both secure and compliant - especially when operating in a hybrid cloud environment? Trend Micro's Ed Cabrera offers insight into the unique challenges and emerging solutions.