A second economic espionage campaign has been tied to a Chinese military hacking team. But does that attribution help businesses, or just highlight security firms battling for government cybersecurity spending?
A new voluntary cybersecurity framework from the Bank of England is designed to help financial institutions in the U.K. identify vulnerable areas that could be exploited by a cyber-attack. Find out the details of the new program.
Imagine a cyber-attack that disables an electricity distribution center. What's the role of the U.S. military, government or the utility company in defending and retaliating? That's a question on the mind of Army Col. Gregory Conti.
The British government aims to increase uptake of five essential security controls at U.K. businesses, backed by third-party annual audits and a badge of compliance. Many government contractors must comply.
In the wake of the Heartbleed flaw, a researcher finds new weaknesses in OpenSSL that could be exploited to launch man-in-the-middle attacks, distributed-denial-of-service attacks and remote-code execution on millions of sites.
A proposed UK computer crime bill would increase hacking penalties and criminalize cybercrime attacks that impact the economy, environment or national security. Proving related charges in court, however, could be difficult.
There's good news on the Zeus Gameover Trojan and Cryptolocker ransomware campaigns: The number of new infections has become "very low," if not fallen to zero. But related attacks could quickly resurge. Learn the reasons why.
A George Mason University researcher says NIST's cybersecurity framework is likely to cause more problems than it solves. Instead, he encourages critical infrastructure operators to adopt dynamic cybersecurity provisions.
Healthcare organizations using medical devices that run on the Microsoft Windows XP platform, which is no longer supported, need to have short- and long-term strategies to address cybersecurity, says medical device security researcher Kevin Fu.
An ongoing APT campaign employs decoy documents to lure potential victims into installing malicious remote-control tools. Targets include at least one bank, the BBC and many U.S. and EU government agencies.