The Australian Parliament's computer network was compromised in January after politicians browsed a legitimate website that was compromised. The watering-hole style attack resulted in a small amount of non-sensitive data being revealed, according to the leader of the Senate.
Why try to hack Silicon Valley firms if you can buy off their employees instead? Such allegations are at the heart of a criminal complaint unsealed last week by the Justice Department, charging former Twitter employees with being Saudi agents. Experts say tech firms must hunt for employees gone rogue.
India may soon have a single authority or agency responsible for the entire spectrum of cyber defensive operations. This is a good step that was long overdue. But the real test lies in actual implementation of the plan.
The latest edition of the ISMG Security Report offers an in-depth analysis of whether Instagram is doing enough to protect the contact information of minors. Plus: Compliance updates on GDPR and PCI DSS.
Pemex, Mexico's state-run oil company, is refusing to pay attackers a $5 million ransom after a ransomware attack against the firm's administrative offices, according to news reports. The company is still attempting to recover.
There are robust and detailed discussions in cybercriminal forums on how to attack modern vehicles, seeking clandestine methods to steal cars, says Etay Maor of IntSights. Luckily, hackers aren't aiming to remotely trigger an accident, but there are broader concerns as vehicles become increasingly computerized.
Researchers at Eclypsium have revealed new details concerning a significant flaw in Intel's PMx driver, which they say could give attackers "near-omnipotent" control over devices. Intel has released an updated version of the driver, a key step in mitigating risks.
When large-scale data breaches started to proliferate more than a decade ago, security leaders called for end-to-end data encryption. But that approach no longer suffices, says First Data's Tim Horton, who calls for a new multilayered defense.
In today's digital environment, protecting sensitive information and sales transaction data is of critical importance. Tim Horton of First Data explains the concept of "devaluing" data so it's worthless in the event of a breach.
A newly disclosed collaboration between Google and the massive Ascension healthcare system that the partners say is designed to improve patient care is raising serious privacy concerns. That's because the project involves Ascension sharing with Google data on millions of its patients - without their permission.
One key step for preparing to comply with the California Consumer Privacy Act, which goes into effect in January, is determining how best to verify the identity of users, say two leaders of the Sovrin Foundation, who discuss the key issues.
Students are increasingly turning to online universities as part of their educational experience. To keep students engaged, these platforms must provide positive user experiences, be consistently available, and remain secure. Cloudflare provides a scalable, easy-to-use, unified product stack to deliver security,...
Udacity is an online education company focused on making entry-level tech jobs more accessible through "Nanodegree" educational programs. Students from hundreds of different countries have gone through Udacity's programs, and some have been hired by top tech companies including Google, Amazon, and Facebook....