The U.S. Justice Department has charged three men - two are in custody - for hacks against email service providers - including Epsilon - that allegedly resulted in the theft of 1 billion email addresses, many later used in massive spam campaigns.
In an application-driven economy, security is not just about deploying controls for protection. It's about being a business enabler, says Steve Firestone, general manager of the security business at CA Technologies.
Mandarin Oriental Hotel Group and Natural Grocers are two of the latest merchants to confirm breaches of their point-of-sale systems. Security experts analyze the impact these breaches are likely to have on issuers and cardholders.
All Windows operating systems are at risk from the SSL/TLS vulnerability known as Freak, Microsoft warns. The company has outlined temporary workarounds - except for Windows Server 2003. Experts say no in-the-wild attacks have yet been seen.
British police over the course of this week launched 25 cybercrime-targeting raids and made 57 arrests, including suspects who have been tied to a U.S. Defense Department network intrusion, Lizard Squad attacks, as well as a massive Yahoo breach.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
Many Apple and Android devices are vulnerable to a TLS/SSL "Freak" flaw, which could be exploited to subvert secure Web connections. The flaw is a legacy of U.S. government export restrictions on strong crypto.
Canadian Internet service provider Rogers Communications has confirmed that information about the company and its customers was leaked after attackers successfully targeted one of its employees via a social engineering attack.
New exploits linked to Apple Pay aren't compromising the mobile device's security, but instead are taking advantage of lax authentication practices used by banking institutions to verify cards that are loaded to the iPhone for Apple Pay purchases.
Information on 50,000 drivers for ride-sharing service Uber was breached in May 2014, the company discovered in September and announced on Feb. 27. Uber has launched a related lawsuit and is seeking records from code-sharing website GitHub.
Lenovo, the world's largest PC manufacturer, promises to stop preinstalling any software on its Windows laptops that doesn't need to be there. The move comes following security alerts relating to the Superfish adware the company had been preinstalling.
SIM card manufacturer Gemalto says its investigation into a reported U.S. and U.K. intelligence agency espionage operation found that its internal networks housing encryption keys weren't breached. But security experts question those findings.
Hackers have been stealing the secret trading algorithms that are the lifeblood of many hedge funds and high-frequency trading firms, according to two security companies. What can be done to mitigate the risks?