Too many organizations fail to adequately manage and secure their SSH keys, even though the keys secure everything from file transfers and backups to patching and database management, NIST warns in new draft guidance.
Information Security Media Group recently hosted a Twitter chat on the latest fraud trends featuring analyst Avivah Litan, director of research at Gartner, Read the entire transcript of the #ISMGprotalk Twitter chat.
Early reports suggested Russian hackers are behind complex attacks and network intrusions at multiple U.S. financial services firms, including JPMorgan Chase. But security experts warn against jumping to conclusions, based on scant evidence.
The PCI Security Standards Council has issued an alert offering insights for mitigating the threat of "Backoff" POS malware, which has hit 1,000 U.S. businesses. Plus, the council is providing updated guidance for maintaining PCI-DSS compliance.
Russian hackers stole data from JPMorgan Chase and at least one other bank in a mid-August attack against the U.S. financial system, according to a Bloomberg news report. The attack allegedly resulted in the loss of "gigabytes" of sensitive data.
The workgroups that advise the Office of the National Coordinator for Health IT on privacy and security issues are shifting gears as the ONC focuses on building an interoperable, nationwide health IT infrastructure. Find out what's on their agendas.
A Google-like search engine known as ICReach has enabled government agencies to share more than 850 billion records from phone calls, e-mails and Internet chat sessions, according to a report that cites leaked documents from Edward Snowden.
News that Community Health Systems suffered a massive data breach illustrated yet again the U.S. healthcare sector's vulnerability. This infographic takes a look at the top five health data breaches in recent years.
Sony has restored service to its PlayStation Network and Sony Entertainment Network sites after services were disrupted by a DDoS attack by the group "Lizard Squad." Little is known of the group, except its penchant for jihadist claims.
Security intelligence firm LogRhythm has launched what it calls a "threat intelligence ecosystem" in collaboration with five other security vendors, giving customers the ability to customize the information they want in their intelligence feeds.
The social network LinkedIn has agreed to settle a consolidated class action lawsuit stemming from a June 2012 data breach that compromised 6.5 million hashed passwords. Find out the financial details of the settlement.
More than 1,000 U.S. businesses have likely been infected by Backoff, a new point-of-sale malware linked to numerous remote-access attacks, according to an Aug. 22 advisory from the Department of Homeland Security.