The developers of the Backoff point-of-sale malware that's infected more than 1,000 U.S. businesses have continued to refine their attack code, including encrypting communications and making the malware tougher to spot or eradicate, researchers say.
After 20 years in the Army and nearly that long as an information risk management leader at the National Institute of Standards and Technology, Ron Ross says his career is still evolving. Find out what he plans to do next.
Amy McHugh, a former FDIC IT examination analyst, says banking regulators will soon scrutinize C-level executives and boards of directors to gauge their cybersecurity awareness in the wake of the FFIEC's pilot cyber-risk assessment program.
The new director of Britain's eavesdropping agency, GCHQ, has blasted U.S. technology firms, arguing that - intentionally or not - they're "the command-and-control networks of choice for terrorists and criminals."
The National Institute of Standards and Technology has released a draft of guidance aimed at helping government agencies and businesses establish, participate in and maintain cyberthreat information sharing relationships.
Automated attacks have potentially compromised the majority of websites that run the Drupal content management system, giving attackers platforms for launching malware, DDoS attacks and spam, according to the Drupal security team.
Air-gapped networks promise security by disconnecting PCs from the Internet. But graphics cards in malware-infected systems attached to air-gapped networks can be made to broadcast data via FM radio to nearby smart phones, researchers warn.
Information security experts say espionage-focused attackers, apparently operating from Russia, have been using phishing e-mails and malware in multi-stage attacks designed to evade detection and steal political and military secrets.
In the wake of the JPMorgan Chase breach, which exposed personal information about millions of consumers and small businesses, banking leaders say they're increasingly concerned about cyber-attacks and geopolitical threats.
The annual Amsterdam gathering of information security aficionados detailed the very latest hacking threats, including cybersecurity attacks via drone, sniffing data from fitness devices, and exploiting ATMs using Raspberry Pi computers.
Sophisticated threats require advanced threat protection. A threat-focused next-generation firewall must adhere to three strategic imperatives. Learn how these imperatives improve defense against advanced threats.
Most citizens rightly don't trust the Internet as a voting booth. But the Atlantic Council's Jason Healey says that could change, not because of better security, but because the digital generation might demand it as they age.
Security vendor Proofpoint warns that a "malvertising" campaign has been launching ransomware attacks against users of numerous high-profile websites, including search site Yahoo, dating site Match.com, and an AOL real estate site.