Apple-FBI crypto debate update: A researcher successfully defeated an iPhone passcode using less than $100 in equipment. But the delicate procedure, if used on the San Bernardino shooter's iPhone, could have accidentally obliterated its data.
Because many law enforcement agencies lack cybercrime expertise, it's important for companies that have been attacked to provide as much technical and forensic information as possible to authorities to help ensure that investigations lead to arrests and prosecutions, a panel of experts says.
Kimpton Hotels & Restaurants is warning that all 62 of its hotels suffered a POS malware infection this year that resulted in the compromise of cardholder data. So far it's unclear if the attack relates to breaches of Oracle MICROS or other POS vendors.
A UAE-based activist targeted by a rare and valuable remote exploit for Apple's mobile software has caused concern over the continued sale of powerful spying tools to governments with poor human rights records.
Too often when organizations get shaken down by online criminals, they panic, and in the process make the predicament they're facing even worse, warns digital forensic investigator Ondrej Krehel in this video interview.
FireEye CEO Kevin Mandia has blamed his company's lower-than-expected quarterly revenue on the rise of ransomware and cyber extortion attacks and a decline in APT campaigns. Experts debunk those assertions.
Security firm ThreatConnect says Guccifer 2.0, who claims to be the lone hacker of the Democratic National Committee, may have close ties to Russia. But after reviewing related technical evidence, not all security experts agree.
Interbank messaging service SWIFT will begin collecting and sharing anonymized attack information and offering incident-response services - backed by Fox-IT and BAE Systems - to help hacked banks. But will financial institutions buy in?
A report that the Russian government hacked into Democratic National Committee systems has security experts warning that just because malware was found on a hacked network, that doesn't mean a specific individual, group or nation-state was involved.
Days after booting hackers from its network, the Democratic National Committee allowed incident-response firm Crowdstrike to publicly detail its findings. That's a rare - albeit welcome - move for other potential targets.
With hack attacks continuing against banks, SWIFT must follow in the footsteps of other vendors - notably Microsoft - and begin offering detailed, prescriptive security guidance to its users, says Doug Gourlay of Skyport Systems.
Ransomware, regulations, botnets, information sharing and policing strategies were just some of the topics that dominated the "International Conference on Big Data in Cyber Security" hosted by Edinburgh Napier University in Scotland.
Vietnam's TPBank says it successfully foiled more than $1 million in fraudulent transfer requests apparently initiated by the same hackers who targeted Bangladesh Bank and other SWIFT-using institutions with PDF reader malware.
The theft of $81 million from Bangladesh Bank was "part of a wider and highly adaptive campaign targeting banks," SWIFT warns its 11,000 customers. Investigators say signs point to the same attackers having hacked Sony Pictures Entertainment in 2014.
Amidst finger-pointing over responsibility for the $81 million online theft from Bangladesh Bank, SWIFT has issued its first-ever information security guidance to banks, telling them that they're responsible for securing their own systems.