New details emerging about a breach involving a former Morgan Stanley employee illustrate how a case of inappropriate access to data can blossom into something much more serious. The case shines a spotlight on the urgent need to mitigate insider threats.
Two new malware reports - one from security researchers at technology giant Cisco, another from cybersecurity firm FireEye - demonstrate how developers continue to refine malicious code to maximize information-stealing and extortion potential.
A former member of the NullCrew hacking group has pleaded guilty to participating in attacks against several organizations, including Bell Canada, Comcast and the U.K.'s Ministry of Defense, which the gang claimed to have exploited via SQL injection flaws.
The Data Security Act of 2015, approved by the House Financial Services Committee, would create a national data breach notification requirement and spell out data security standards businesses must follow, usurping 47 state laws.
Amidst a perfect storm of circumstances, how will CISOs ensure that they remain relevant? Is outsourced security and MSSP dependence going to take over? Or are virtual CISO specialists going to rule the roost?
President Obama's remarks urging "high-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice" are being interpreted by some to mean that government and Silicon Valley should collaborate to create a backdoor to circumvent encryption on devices used by terrorists.
The government of India reports an increase in the annual number of cybersecurity incidents. But what is being done to curb this increase? Security experts offer their recommendations for tracking and reducing these crimes.
Turns out electronic learning products can be bad for children's privacy - and for their parents too. The VTech breach highlights how, despite repeated warnings, too many manufacturers continue to not take security seriously.
Top American and Chinese government officials, meeting this week in Washington, agreed to create a common understanding on cyberthreats and how to respond to them, but the two sides offered different characterizations of the tone of the dialogue.
The breach of Hong Kong toymaker VTech highlights security experts' growing concern over manufacturers selling devices - for enterprises, medical purposes, schools as well as homes and now toy boxes - that don't appear to be secure by design.
Indian enterprises are increasingly vulnerable to cyber fraud, according to Kroll's new Global Fraud Report. But too many of these organizations rely solely on a reactive approach to fraud, says Kroll's Reshmi Khurana.
The Chinese government concedes the attack on U.S. Office of Personnel Management computers emanated from China, but it contends the culprits were criminals, not individuals working for the Chinese government or military. Some experts in the United States aren't buying the Chinese government's explanation.
Malware: How does it work, who built it and what - or who - is it designed to target? Answering these types of questions is a job for Marion Marschalek of Cyphort, who reverse-engineers malicious code for a living.
India's and Malaysia's cybersecurity teams look to strike a chord to collaborate and share best security practices to respond to security incidents. But the question is: Who will take the lead and has the expertise to face the challenges?
The security of Internet-connected toys is in the limelight after toymaker VTech acknowledged suffering a data breach that affects 5 million accounts and personal information and photographs relating to more than 200,000 children.