Members of the USPS testified before a House subcommittee Wednesday, drawing criticism over the delay in its breach notification to impacted employees.
With more than 400 technical, government and cyber experts involved, Cyber Coalition 2014 tested the speed of sharing threat intelligence.
The USA Freedom Act, aimed at NSA surveillance reform, failed to pick up enough votes to avoid a Republican filibuster.
Veterans Affairs has failed an annual cybersecuirty audit for the 16th year in a row, a new report reveals.
The AP reported on Sunday that the State Department had its unclassified system compromised. The news follows the breach of three other government entities' systems.
Judges in Pierce County, Wash. approved a new requirement that would make law enforcement officials explicitly cite when they plan to use 'stingray' technology during an investigation.
The U.S. Department of Justice is attaching small devices to airplanes that gather massive amounts of mobile phone data, including the data of innocent Americans, a Wall Street Journal report indicates.
The funding will support the development of two new supercomputers.
A Canadian federal bill that would force companies to notify individuals of breaches moved a step closer to being law in October.
British Columbia's provincial government is notifying 15,000 individuals after a privacy breach in its Wildfire Management Branch.
Canada's RCMP cannot tell whether it complies with federal privacy law when gathering information about citizens without a warrant, according to a report.
The Department of Energy contract will allow Norse to support the agency's Cybersecurity Risk Information Sharing Program (CRISP).
Seventeen suspected members of online marketplaces, including Silk Road 2.0's alleged operator, have been arrested.
The government has begun encrypting user data on two websites providing AIDS-related information.
Vladimir Drinkman, who was charged for his involvement in the Heartland breach, is currently in the Netherlands.
This year has been so bad for merchant data breaches that the president felt the need to ensure that the government would offer itself as a more safe and secure place to do business with.
Simulation exercises show how companies should respond under a cyberattack, says HHS's Sara Hall. Teri Robinson reports.
Sen. Charles Schumer of New York has called on federal law enforcement officials to stop "copy cat websites."
The Italian spyware company had its manuals posted online that detail how thoroughly an infected user's actions can be monitored.
The White House experienced a sustained cyberattack on its systems that impacted its network for nearly two weeks.
The unnamed leaker's house was searched and a criminal case was opened after documents about the U.S. government's terrorist watch list were published.
The credential-stealing malware Dyre has been tied to a string of phishing attacks.
An Estonian man, Sergei Tsurikov, was sentenced Friday after helping to steal over $9.4 million from payment processor RBS WorldPay in 2008.
A federal court shut down Pairsys at the request of the Federal Trade Commission.
The attack used a false certificate to trick iCloud users into handing over personal data and login credentials. With an attack of this size, some experts and researchers believe the Chinese government could be to blame.
Speaking at a National Association of State Attorneys General conference, ISA's Larry Clinton asked the AGs to step up efforts to get more resources.
The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.
Reuters reported on Wednesday that DHS is investigating roughly 24 cases of suspected vulnerabilities in medical devices and hospital equipment.
A bill, which would require a national reporting standard, has failed to make it before the Senate or House this year.
Information on half a million federal workers in the government's SmartBuy program went undetected by Chase hackers.
The search engine company updates it piracy report to let users know how its adjusting search results to stop illegal piracy efforts.
President Obama signed an Executive Order at the Consumer Financial Protection Bureau calling for enhanced security measures, including microchips and PINs.
The settlement brings some resolve to the 2012 breach, where the bank lost unencrypted backup tapes.
Jaime Estrada was sentenced to nine months in prison and was ordered to pay a $10,000 fine.
With data breach and fraud alerts in mind, the ABA filed a petition on Tuesday asking the FCC to remove "outdated regulatory restrictions" that prevent sending automated calls and texts to mobile devices.
A group of cybercriminals believed to be Russian are exploiting a zero-day vulnerability to deliver malware and gather information from various organizations around the world.
National Security Letters (NSLs) tread on the First Amendment and give the FBI too much authority, EFF argued.
The settlement marks the largest FCC enforcement action to date, and also involved the FTC and state attorneys general.
The social media giant believes the limits imposed by the DOJ on data in transparency reports for its users violates its First Amendment rights.
The FCC launched an investigation last year after a consumer complained of the practice.
Cyberwarfare is so new that the ground rules are still being established. Nazan Osman provides an overview.
It's all about what you say and how you say it, says DHS's Phyllis Schneck. Teri Robinson reports.
Just recently we witnessed the U.S. House of Representative pass two bills aimed at bolstering the security operations of the nation's critical infrastructure.
It's more than a trend. Mobile devices are becoming the new enterprise desktop. But mobile devices require the same security considerations to access corporate intranets or securely sending and receiving email.
James Comey reportedly said the developments could put consumers "beyond the law."
The contract includes initial tasks totaling $29 million, the U.S. Commerce Department's NIST said.
Security and privacy professionals employ enumerable solutions and techniques for information security. Yet, the target of the protection, sensitive and private data, is not clearly understood.
The Federal Trade Commission had asked a federal court to shut down the company, which marketed specialized computers to mine bitcoins.
The ISA99/IEC 62443 portfolio of standards has emerged as a leading framework for cybersecurity in ICS and SCADA and was referenced in the recent Presidential Framework.
Senators introduced the legislation last week as a means of amending the Electronic Communications Privacy Act (ECPA).
The company received more than 100,000 government requests for customer data last year.
Healthcare IT professionals deal with an increasing array of critical security issues that involve privacy, BYOD and network access, managing live-saving medical devices, and ensuring compliance federal regulations.
Yelp will pay $450,000, and TinyCo will pay $300,000 to settle charges that their mobile apps collected information from children under the age of 13.
The top Democrat on the House Oversight and Government Reform Committee asked for a hearing to investigate the CHS breach.
Documents provided by Edward Snowden reveal that the NSA is looking to build a near real-time map of every single internet-connected device in the world.
The Federal Bureau of Investigation has announced that it is prepared to roll out its new fully operational facial recognition system.
Mark Marmilev pleaded guilty on Thursday for his part in a money laundering conspiracy.
Microsoft continues to fight an order requesting it to turn over customer emails stored in a data center in Ireland.
On July 9, 2014, the Cybersecurity Information Sharing Act (CISA) passed the Senate Intelligence Committee in a 12-3 vote. The legislation encourages threat information sharing between government and the private sector
Administrator Marilyn Tavenner will have to testify in front of the House Committee on Oversight and Government Reform on Sept. 18.
More than 40 civil liberties groups are urging Senate leaders to pass legislation that would put a halt to the NSA's data collection practices.
Business leaders are beginning to fathom the importance of cyber war game simulation exercises, reports James Hale.
Revelations of government surveillance are fueling a paranoia that isn't going to subside. Kate O'Flaherty asks whether firms should be afraid of adopting cloud?
Under the agency's COPPA ruling, website that collect personal information on its young users must receive parental consent before doing so.
Timothy DeFoggi, who was nabbed by the FBI last year in its Operation Torpedo investigation was convicted by federal jury in Nebraska.
The bill would prevent companies from selling students' data and profiting from it.
More than 1,000 analysts at 23 U.S. government agencies have had access to more than 850 billion records courtesy of NSA's ICREACH, a search engine similar to Google.
Starting July 2015, all smartphones sold in the state must come with the anti-theft technology.
Claiming funding from the federal government and an endorsement by President Obama, a debt relief program coerced private data from consumers.
The Metropolitan Police have reportedly lobbied for two years to enact the standard.
GMR Transcription Services in California agreed to settle FTC charges related to its security practices.
The Associated Press was denied a request made under the Freedom of Information Act for documents that contain security information on HealthCare.gov.
The NSA program, called "MonsterMind," is reportedly being developed by the intelligence agency.
The task force will examine the use of the technology by foreign intelligence agencies and criminals targeting Americans.
The National Bureau of Investigation (NBI) warned that the incident showcases the growing incidence of ATM skimming fraud.
The DEA paid an unnamed Amtrak secretary more than $850,000 for passenger information that it could have attained for free.
After a disastrous rollout of healthcare.gov, the White House has put together a team of private sector gurus to improve federal websites.
In this video, Joshua Corman, CTO at Sonatype, chats with SC Magazine's Danielle Walker on his involvement in some important upcoming initiatives.
Speaker Jason Healey warned that the internet can only endure so much abuse before it's irreversibly damaged.
Two USIS clients, the Department of Homeland Security and the Office of Personnel Management, have suspended their contracts as a result of the incident.
The nonprofit group which run Wikipedia was notified by Google of links removed from its search results.
The guidance gives federal agencies improved assessment procedures for securing their information systems and networks.
Sen. Patrick Leahy introduced an NSA reform bill that would update the USA Freedom Act.
One bill aims to improve agencies' website security, while another works to thwart critical infrastructure attacks.
In a recent report, a House of Lords subcommittee called the "right to be forgotten" law unenforceable.
A report by Brian Krebs detailed the intrusions, which occurred between Oct. 2011 and Aug. 2012.
A federal court in New York issued default judgments against 14 companies and individuals who allegedly operated the scams.
The bill is set to be introduced on Tuesday.
Bloomberg says the Japanese government is eyeing cyber security legislation to make companies 'fess up to security incidents impacting users.
The conference will be anchored by the Maryland Cyber Challenge and Competition, a security job fair, and more.
The two-week exercise, "Cyber Guard 14-1," was completed this month.
Almost one in four employees at Canada's Justice Department fell prey to internet phishing in an exercise last December.
Much to the chagrin of privacy advocates and other security experts, the Cybersecurity Information Sharing Act of 2014 passed the Senate Intelligence Committee last week.
In a Tuesday hearing, a Senate subcommittee heard testimony from government and private sector security experts over the botnet explosion.
Stephen Su is accused of accessing U.S. firms' systems, including defense contractors Boeing and Lockheed Martin.
Cryptolocker is effectively non-functional and unable to encrypt newly infected computers, according to a status report filed by the Justice Department on Friday.
In 2013, the banking trojan was deemed one of the most active banking trojans by Dell SecureWorks.
The Cybersecurity Information Sharing Act of 2014 encourages threat information sharing between government and the private sector.
On Tuesday, the telecom giant published its second transparency report on government requests for customer data.
CrowdStrike revealed that the attack group is now targeting sensitive data about political affairs in Iraq.
Sign up to our newsletters
SC Magazine Articles
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- The Internet of Things (IoT) will fail if security has no context
- Citadel variant targets master passwords, authentication solutions
- USPS draws ire of Congress over data breach response
- Buffer overflow vulnerabilities identified in Hikvision DVR devices
- Android malware 'NotCompatible' evolves, spawns resilient botnet