Expect every new warning of cybercrime attacks, online espionage or the malware du jour to be slickly marketed, with the announcements carefully timed. But is this bad for either the information security community or attackers' victims?
Millions of user credentials are breached regularly - whether we hear of the incidents or not. So, why do we continue to rely on passwords? Derek Manky of Fortinet discusses authentication and data retention.
That Russian hackers may be hording 1.2 billion credentials merely reflects the insecurity of the world we live in today, says David Perry, threat strategist at the Finnish IT security company F-Secure.
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
A report that a Russian hacker group dubbed "CyberVor" is hoarding more than 1 billion stolen passwords triggered worldwide concern, but security experts caution that scant details have been revealed, making the threat tough to judge.
Today's sophisticated attackers use ever-stealthier malware and zero-day exploits to evade traditional security defenses, making organizations increasingly vulnerable to advanced persistent threats (APTs). These APTs seek to exfiltrate critical data over the long term.