Where have all the hacktivists gone? While the likes of Anonymous, AntiSec and LulzSec became household names in the early 2010s, in the past three years the number of website hacks, defacements and information leaks tied to bona fide hacktivists has plummeted.
VMware is acquiring cloud security firm Carbon Black in a $2.1 billion cash deal to bolster the virtualization giant's security portfolio. It's also acquiring Pivotal, a company that focuses on helping its customers build applications in the cloud as well as through new technologies such as containers.
Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too. In Texas, officials say a campaign tied to a "single threat actor" infected 22 local government agencies on Friday.
Progressive companies seeking to improve their security are increasingly adopting bug bounty programs. The theory is that rewarding outside researchers improves security outcomes. But in practice, bug bounty programs can be messy and actually create perverse incentives, says bug-hunting expert Katie Moussouris.
An A-list of cyber experts, including former Homeland Security Secretary Jeh Johnson, has put its weight behind U.S. CyberDome, a nonpartisan initiative to protect presidential campaigns against foreign influence. Matthew Barrett, a former NIST leader and co-founder of CyberDome, outlines how this group is gearing up.
Deception technology is attractive in that it offers - in theory - low false positives and critical clues to attackers' methodologies. But the benefits depend on its ability to fool attackers and whether organizations can spare the time to fine-tune it.
A South Korean company that makes a biometric access control platform exposed fingerprint, facial recognition data and personal information after leaving an Elasticsearch database open, security researchers say. They found 23GB of data belonging to organizations that use Suprema's BioStar 2 system.
Microsoft has released a set of patches for two newly discovered BlueKeep-like vulnerabilities in a number of Windows operating systems. The "wormable" bugs in remote desktop services permit propagation of malware from one compromised device to others, the company reports.
If you're a provider of financial services, then client trust, privacy, and risk management are critical to your success. Therefore, you must protect your organization's sensitive data from cyber attacks and data breaches. A recent survey of current software security practices in the financial services industry...
Security researchers at Check Point Software Technologies say they've uncovered an SQLite database vulnerability in Apple iOS devices that can run malicious code capable of stealing passwords and gaining persistent control on affected devices.
A new variant of the Ursnif Trojan is targeting vulnerable systems in an attempt to steal banking passwords and other credentials. The malware is spreading through infected Microsoft Word documents, and it has the ability to evade advanced security filters, according to security researchers at Fortinet.
IoT, the cloud, third-party risk - we hear a lot about how the cybersecurity risk surface and threat landscape have evolved. But what about the new business demands on cybersecurity leaders? Christopher Hetner, former global CISO at GE Capital, shares insights.