A George Mason University researcher says NIST's cybersecurity framework is likely to cause more problems than it solves. Instead, he encourages critical infrastructure operators to adopt dynamic cybersecurity provisions.
An ongoing APT campaign employs decoy documents to lure potential victims into installing malicious remote-control tools. Targets include at least one bank, the BBC and many U.S. and EU government agencies.
Security researchers say the international takedown of the Gameover Zeus botnet and servers for CryptoLocker ransomware will have a positive short-term impact, but they warn the threats could quickly re-emerge unless key steps are taken.
A key challenge in mitigating cyber-risks is differentiating new malware threats from older ones. Experts offer insights on how to sort through the massive number of alerts issued by vendors to identify the real threats that require attention.
The OpenSSL Project is receiving new funding to support its operations following the Heartbleed exploit that exposed a flaw in the cryptographic tool that's used to provide communications security and privacy online.
Banking institutions need to develop "day-to-day situational awareness" of the latest threats, says Vikram Bhat, a principal at Deloitte & Touche, which just released a report about cybersecurity issues and awareness.
A new report for shareholders recommends that seven members of Target Corp.'s board of directors should be replaced as a result of the retailer's massive data breach. Experts discuss the role boards must play in cybersecurity.
Legislation before the House to excise from federal law the requirement that NIST work with the NSA on cybersecurity standards wouldn't likely stop the two federal agencies from continuing to collaborate.
Hacker Hector Monsegur, also known as "Sabu," has been sentenced to time served because he aided the government in preventing or mitigating more than 300 cyber-attacks, including those against the U.S. Congress, Visa and MasterCard.
French IT services company Atos has announced its intention to purchase Bull, an enterprise data firm, to enhance its cybersecurity and big data offerings. The deal is worth $844 million, or 620 million euros.
In the more than a month since the Heartbleed bug was announced, many organizations have made progress in mitigating the risks. Security experts highlight gaps that remain and offer remediation advice.