In the wake of the reported FBI probe into Moscow-based Kaspersky Lab, here's a question: Could a government compel a domestic cybersecurity firm to ignore state-sponsored malware, or even add backdoors to its software or hardware products, without getting caught?
Target has reached a record settlement agreement with 47 states' attorneys general over its 2013 data breach. The breach resulted in hackers compromising 41 million customers' payment card details and contact details for more than 60 million customers being exposed.
So-called "trust attacks" aren't waged for financial gain. They're waged to compromise data, data integrity and to expose sensitive information. Why Darktrace CEO Nicole Eagan says trust attacks will be among our greatest IoT worries in 2017.
Good news for Microsoft Windows users: The Equation Group exploit tools dumped this month by Shadow Brokers don't work against currently supported versions of Windows, largely thanks to patches Microsoft released in March. But who tipped off Microsoft?
The U.S. regulation that forbid ISPs from selling information about web activity without a customer's permission is gone. But it's still possible to maintain privacy on the Web even if prying eyes are watching.
With the rapid changes in the threat landscape and the risks introduced by DevOps, the cloud and other new elements, organizations need to have a continuous vulnerability assessment program as a security baseline, says Richard Bussiere of Tenable Network Security.
Companies involved in mergers and acquisitions are increasingly targeted with cyberattacks that could potentially derail the deals, says Bryce Boland of FireEye, who outlines the risks and offers tips for mitigating them.
Because cyberattackers are now using memory-resident malware that leave no trace on the disk, forensics experts using traditional methods will face a challenge, says Christopher Novak, director of Verizon's global investigative response unit.
Cyber espionage groups are using unconventional channels to hack target organizations, according to Mandiant' s latest research. Trusted service provider relationships are being exploited to compromise organizations in government and defense, says Rob van der Ende, Mandiant's vice president for Asia Pacific and Japan.
Unprecedented hack attacks knocked three Ukrainian power providers offline in late 2015, and now a potential repeat hack has surfaced. Security experts recommend all power operators globally hunt carefully for related signs of attack.