A British man who pleaded guilty to selling homemade distributed denial-of-service attack tools reportedly used to carry out more than 600,000 attacks has escaped jail time, with a judge calling him "young and naïve."
Security experts are once again warning all Flash users to either update or uninstall the browser plug-in software to protect themselves against active exploit kit attacks that are targeting a zero-day Flash flaw to install ransomware.
A court has approved settlement of a class-action lawsuit filed by employees of Sony Pictures in the wake of its massive 2014 breach. But some legal experts say the consumer protections provided in the settlement do not go much beyond what the company should have routinely provided to victims in the wake of a breach.
New guidance from the National Institute of Standards and Technology could help make it easier and less expensive for organizations to encrypt and decrypt some forms of data, including Social Security and credit card numbers.
The massive 'Panama Papers' leak demonstrates how law firms are at risk from internal and external attackers seeking to access confidential information. Experts offer insights on how these firms, and others, can better defend their clients' secrets.
Luxury hotel chain Trump Hotels is investigating a possible breach that some security sources say targeted the chain's point-of-service system. If confirmed, it will be the second card breach suffered by the chain in less than a year.
The massive "Panama Papers" data leak apparently was enabled by a law firm failing to have the right information security defenses in place. The breach calls attention to the need for all organizations to encrypt sensitive data, use access controls as well as monitor access patterns for signs of data exfiltration.
Security experts worldwide are sorting through the implications of the so-called "Panama Papers" leak, involving 11.5 million records. The documents highlight an elaborate web of offshore holdings that everyone from heads of state to celebrities and fraudsters have allegedly used to hide billions of dollars.
The vast majority of cloud services today store - and manage - all related cryptographic keys for customers. But in the post-Snowden era, organizations that use cloud services must better control and lock down those environments, says WinMagic's Mark Hickman in this video interview.
As DDoS attacks become more sophisticated, organizations must include prevention components in their overall security infrastructure, rather than just their network infrastructure, JP Blaho of Arbor Networks says in this video interview.
Ransomware is such a serious cybersecurity concern that the FBI has issued new guidance and yet another alert about the threat. Nevertheless, experts say too many organizations are still unaware of the risk, muchless how to mitigate it.
Defending against online attackers, attempted account takeovers and other types of fraud requires closely monitoring networks, users and devices for any signs of anomalous behavior, says Thomas Hill, CIO of Live Oak Bank, in this video interview.
The FBI has successfully retrieved data off the iPhone used by one of the San Bernardino shooters and is withdrawing its motion to have a federal court order Apple to help the government unlock the phone. A federal law enforcement official declines to characterize the information discovered on the device.
Verizon Enterprise Solutions, which regularly assists clients in responding to their data breaches, admits it's suffered its own breach. The breach of contact information reportedly affected 1.5 million business customers, who now face greater risk of phishing attacks.
The Justice Department has unsealed indictments against seven Iranians, allegedly working on behalf of the Iranian government, who are suspected of conducting DDoS attacks against dozens of American banks and attempting to seize control of Bowman Dam outside New York City.