A Bangladesh probe says that an insider may have assisted attackers in perpetrating the $81 million cyber heist against Bangladesh Bank. SWIFT has unveiled new security measures to help other banks, but security experts say more will be needed.
Federal regulators have released a new framework of data security principles to guide healthcare entities and researchers participating in the Obama administration's Precision Medicine Initiative. But is it enough to safeguard sensitive patient data?
The breach notification site LeakedSource claims that social networking website MySpace has been hacked, with 360 million credentials containing 427 million encrypted passwords compromised. But LeakedSource acknowledges the age of the credentials is unknown. And the veracity of the data remains in question.
Troy Hunt, who runs one of the most prominent services for discovering if your data has been exposed in a breach, shares his thoughts on LinkedIn's recent breach and how his approach to disseminating data breach details continues to evolve.
Hackers reportedly stole $250,000 from Bangladesh's Sonali Bank in 2013, in what's now the fourth case involving malware attacks and injecting fraudulent money-transfer requests into the SWIFT interbank messaging network.
The business of executive email hacking is booming, with hundreds of millions of dollars lost in fraudulent wire transfers. But businesses can improve their processes to avoid inadvertently transferring funds to fraudsters, according to one expert.
E-commerce retailers face an ongoing battle: Their websites are constantly hit by bots using stolen credentials to try to take over accounts. What can companies do to protect themselves? Akamai's Michael Smith offers advice.
At a May 25 Congressional hearing to gain input regarding a bill that would elevate the role of CISO at the Department of Health and Human Services, legislators learn that there is no one-size-fits-all pecking order for CISOs at healthcare organizations in the private sector.
Cyberattacks have gained regulatory attention worldwide. But the world doesn't need more regulation to address new threats, says Steve Durbin of the Information Security Forum. Instead, government must work more closely with the private sector.
After blaming a recent spate of bank robberies on banks' poor information security practices, SWIFT has changed its tune. Now it says it wants to help financial firms spot related fraud and better share information about unfolding threats.
Neither Australia nor New Zealand currently has laws on the books requiring organizations to notify people affected by data breaches. But both countries do say they are committed to introducing that requirement.
A surge in ransomware attacks on hospitals is driving healthcare organizations large and small - as well as lawmakers and law enforcement agencies - to consider new and improved approaches to dealing with this evolving threat.
The Swiss government says that online attackers used a variant of "Turla" malware - previously tied to campaigns with suspected Russian intelligence ties - to steal at least 23 GB of sensitive information from state-owned defense firm RUAG.
After Kansas Heart Hospital suffered a ransomware infection and paid the demanded ransom, its attackers demanded more. At that point, the hospital reportedly declined to comply, relying instead on its pre-prepared backup and recovery plan.
Too few organizations have in-house incident response teams. As a result, they lack the native ability to even detect evolving threats, such as ransomware, says Ann Barron-DiCamillo of Strategic Cyber Ventures in this video interview. What are the must-have response capabilities?