- Hackers try to blackmail plastic surgeon after stealing 500,000 patient records
- How to keep your smartphone (and its data) secure
- Espionage outpacing financial crime as better reporting improves security picture: Verizon
- Web apps and point-of-sale were leading hacker targets in 2013, says Verizon
- Google introduces Chrome 'factory reset' pop-ups to tackle extensions hijacks
Web application attacks, cyber-espionage and point-of-sale intrusions were among the top IT security threats in 2013, according to Verizon's latest annual report on data breach investigations.
Security researchers have found that many satellite communication systems have vulnerabilities and design flaws that can let remote attackers intercept, manipulate, block and in some cases take full control of critical communications.
About 2.6 million payment cards at Michaels Stores and another 400,000 at subsidiary Aaron Brothers may have been affected in a card skimming attack that compromised its point-of-sale systems, the retailer said Thursday.
Website operators should assess their whole Web infrastructure when patching the critical Heartbleed flaw in OpenSSL, otherwise they risk leaving important components open to remote attacks, despite fixing the problem on their publicly facing servers.
Home routers and other consumer embedded devices are plagued by basic vulnerabilities and can't be easily secured by non-technical users, which means they'll likely continue to be targeted in what has already become an increasing trend of mass attacks.
In today's threatscape, antivirus software provides little piece of mind. In fact, antimalware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. After all, malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable.
Police in Austin, Texas, set up sting operations with cars they have under surveillance, watching for thieves to break into them. Marcus J. Carey's Web service, HoneyDocs -- born in the same city -- uses the same concept, only with computer files.
It's a common belief in the information security world that the Chinese government is behind many of the advanced persistent threats that target companies around the world in an effort to steal their IP and trade secrets. Now one security firm has come forward with years of evidence to link a prolific APT group to a unit inside the Chinese government.
Security pros and government officials warn of a possible cyber 9/11 involving banks, utilities, other companies, or the Internet
Last week Gen. David Petraeus, the director of the Central Intelligence Agency, resigned in response to what has turned out to be a much bigger scandal than it first appeared.
Sign up now »
Improve the effectiveness of your security or get unique network threat discovery and remediation
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.