Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled? BitSight's Stephen Boyer offers insight.
A team of hackers has been operating since at least 2001, wielding malware that even today is among the most advanced attack code to have ever been discovered, according to a new study. Security experts are debating whether the NSA could be involved.
A key component of President Obama's executive order to encourage industry to share cyberthreat data is the creation of information sharing and analysis organizations, or ISAOs. But now, the hard part begins: defining the job and getting it done.
Despite commitments by leading payment card brands to enhance security, some critics say the White House cybersecurity summit produced no specifics for how the public and private sectors will curb cyber-fraud.
The Anunak/Carbanak gang continues to rob financial services firms and retailers, in part with ATM malware. A new report says the cybercrime gang has stolen up to $1 billion from banks in Russia, the U.S. and beyond.
The White House Summit on Cybersecurity and Consumer Protection late last week served as the stage for more than a dozen companies and trade groups to announce new initiatives aimed at securing Internet transactions and payments and reducing fraud.
Nine days after revealing that hackers gained access to personal data on millions of its customers, health insurer Anthem on Feb. 13 began offering victims two years of free credit monitoring and ID theft insurance, plus "identity repair assistance."
In a Feb. 13 keynote speech at a cybersecurity summit, President Obama described the cyberworld as the "wild, wild West" and the American government as the sheriff. Then he signed an executive order aimed at boosting cyberthreat information sharing.
Congressional investigators for the first time are designating protecting the privacy of personally identifiable information as a high risk area within the federal government and calling on Congress to enact new legislation to enhance PII safeguards.
Enterprise IT administrators are being urged to immediately patch a flaw that affects every Windows system released for the past 15 years. Attackers could remotely exploit the flaw to take control of a device and run any code of their choice.
Ten state attorneys general have criticized Anthem Inc. for being too slow to communicate with those affected by its massive data breach. But the health insurer says it will post details Feb. 13 on how victims can enroll for certain free services.
The FTC has ordered medical billing company PaymentsMD to change its practices for the collection and disclosure of consumers' personal health information. What similarities does this case have with concerns over HealthCare.gov's privacy practices?
The Obama administration has announced creation of a federal agency to analyze information culled from other agencies to battle cyberthreats to the government and the private sector. But the action is already drawing criticism.