Cyber espionage groups are using unconventional channels to hack target organizations, according to Mandiant' s latest research. Trusted service provider relationships are being exploited to compromise organizations in government and defense, says Rob van der Ende, Mandiant's vice president for Asia Pacific and Japan.
Will the advent of faster payments in the U.S. open new doors for fraud? Business continuity and security are priorities for the Federal Reserve, says Marianne Crowe of the Boston Fed. But independent consultant Richard Party begs the question: Is the U.S. really ready?
After 10 days of Microsoft not issuing an advisory or fix for a zero-day flaw found by Google that's being actively exploited in the wild, Google publicly revealed details of the flaw. But Microsoft says that puts its users at further risk.
The massive Sony breach spelled out the risks facing any business that deals in digital content. Here's how David Hahn, CISO of publishing giant Hearst, keeps the cybersecurity conversation going with his board of directors.
Dear customer: "The security and privacy of your systems are our priority." Cue a new breach notification, this time from Lightspeed POS, which sells a cloud-based point-of-sale product used by 38,000 organizations.
Intelligence agencies sometimes seek out and develop exploits for the very technology that their nation's organizations rely on to secure their data. In an interview, cybersecurity expert Alan Woodward offers insights on how information security professionals should respond.
Australia's postal service is researching the use of the public cryptographic ledger known as blockchain for e-voting applications, but experts cast doubt on whether the approach would help resolve the many worries around internet voting.
The Equation Group leak revealed a zero-day flaw in Cisco's firewall software - a patch is being prepped - as well as a vulnerability in Fortinet's software that's since been patched. Has the U.S. government long known about the flaws?
A new research project called Amnesia tackles the password management problem by not storing full data in any one place where it can be hacked. But does this proposed solution truly offer better password security?
Imagine the security implications of a world in which millions of people have a physical impairment that leaves them internet-connected. Say hello to the promise - and peril - of internet-connected hearing aids, says Global Cyber Alliance's Phil Reitinger.
Scuffles between anti-virus software vendors have stepped up a notch, with startups and industry stalwarts slinging mud at each other. Cylance now says it plans to make its product available for tests used to benchmark security software.
A recent interview about Hillary Clinton's email server controversy drew numerous comments, with respondents divided over whether users will devise ways to circumvent systems safeguards to do their jobs more effectively. Join the conversation.
Interbank messaging service SWIFT will begin collecting and sharing anonymized attack information and offering incident-response services - backed by Fox-IT and BAE Systems - to help hacked banks. But will financial institutions buy in?
Europe's biggest annual information security conference returns to London this week. Here's my pick of the top Infosec Europe sessions, with topics ranging from cybercrime and incident response to EU regulations and the Internet of Things.