The Trojan "Laziok" targets energy firms throughout the Middle East, India, the U.S. and the U.K., warn security researchers at Symantec. The malware attempts to exploit a Microsoft Office bug patched in 2012.
Declaring a national emergency over hack attacks, President Obama signed an executive order authorizing the government to impose sanctions on hackers. But information security experts voice questions - and concerns.
Nine individuals have pleaded guilty to charges stemming from their roles in an identity fraud scheme. Among the defendants is a former military hospital worker who stole soldiers' personal information to file false federal tax returns, prosecutors say.
Some legal and security experts are questioning the potential effectiveness of President Obama's new executive order that allows the U.S. government to block or seize the assets of individuals suspected of launching significant cyber-attacks
While several experts say two new cyberthreat alerts from the FFIEC are primarily designed to make sure that smaller institutions are mitigating ongoing threats, Shirley Inscoe of Aite says they could also be an indicator of new threats on the horizon.
As more mega-breaches occur, cyber-insurers will more closely assess the security risks of potential clients, leading more organizations to improve their information security programs, attorney John Yanchunis predicts.
A new report serves as a reminder about the importance of medical device cybersecurity. But it's also a wake-up call for healthcare organizations to seriously consider consumer wearable health devices in their risk management strategies.
The U.S. Department of Justice has charged two former federal agents with money laundering and wire fraud based on allegations that they attempted to profit from the investigation into the underground narcotics marketplace known as "Silk Road."
Application security is not keeping pace with evolving attacks, says Prasenjit Saha, a CEO at the consultancy Happiest Minds Technologies. One problem: lack of a standard, secure coding process in the application development life cycle.
Premera Blue Cross already is facing five class action lawsuits in the wake of its massive data breach. Meanwhile, its CEO has provided some answers to questions posed by a U.S. senator regarding the hacker attack.
Chinese officials have reportedly agreed to delay some banking-sector requirements aimed at foreign technology vendors, who were instructed to submit to rigorous audits and to add government-approved backdoors to their products.
Experts debate the value of new PCI guidance for how businesses should use penetration testing to identify network vulnerabilities that could be exploited for malicious activity. Does the new advice go far enough?