Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
A federal banking regulatory agency has issued a warning about a new phishing campaign that aims to con consumers into disclosing personal and financial details by feigning to be a request from the regulator.
When IT veteran Branden Spikes founded his own company devoted to isolating browsers from attacks, he thought building the technology would be the top challenge. The venture capital community proved him wrong.
Security leaders expect the new Union budget to give a needed boost to cybersecurity education, as well as increased investment in critical infrastructure, biometrics and surveillance to fight cybercrime.
ITSERT's Rajan Raj Pant discusses the formation of ITSERT-NP to address Nepal's security challenges. How will the public-private partnership model be leveraged to create a central platform for cybersecurity?
The Anunak/Carbanak gang continues to rob financial services firms and retailers, in part with ATM malware. A new report says the cybercrime gang has stolen up to $1 billion from banks in Russia, the U.S. and beyond.
The Anthem breach, which possibly started with a phishing campaign, is a prime example of how hackers are perfecting their schemes to target key employees who have access to valued information, says Dave Jevans of the Anti-Phishing Working Group.
Emerging malware increasingly puts banks and their customers at risk for fraud. The sooner malware is detected and removed, the less likely banks are to suffer regulatory penalties and fines, and steep losses linked to fraud.
Spear phishing is going to be a leading worry for banks in 2015, as hackers increasingly target bank employees to compromise credentials used to access consumer and business accounts as well as critical servers and systems.
A new report now claims the breach at JPMorgan Chase is linked to a server the bank's security team overlooked when upgrading to two-factor authentication controls. Why that oversight and a well-planned spear-phishing attack were all hackers needed.
CERT-In has issued an alert against a new banking Trojan dubbed Dyreza, which targets users of online banking services. Security leaders offer advice for institutions to address risks and warn customers.
In addition to 56 million payment cards being compromised in the Home Depot data breach, approximately 53 million e-mail addresses also were stolen, the retailer reported in an investigation update on Nov. 6.
Amsterdam is again playing host to the annual Black Hat Europe information security gathering, and presenters have promised to cover everything from privacy flaws in wearable computers to two-factor authentication system failures.
Google says just 2 percent of the recent dump of nearly 5 million credentials to Russian cybercrime forums contained valid Gmail username and password combinations. But anyone who reused the same passwords on other sites remains at risk from hackers.
News reports of a suspected attack against JPMorgan Chase, and perhaps other banks, serve as an important reminder for financial institutions to ramp-up their security efforts, especially to guard against phishing attacks.