According to Accenture's 2015 Global Risk Management Study, financial services and banking executives view cyber & IT risk as their top risk area over the next two years.
With mega breaches springing up one after another, many industry players have registered both disbelief and awe at the sheer numbers of individual credentials stolen.
Back in 2013, the Syrian Electronic Army (SEA) hacked The Washington Post's site, redirecting visitors to hacker-controlled pages.
Distil Networks has produced their annual Bad Bot Report. It's the IT Security Industry's most in-depth analysis on the sources, types, and sophistication levels of last year's bot attacks-- and there are serious implications for anyone responsible for securing their web infrastructure.
Attackers targeted a server operated by New Jersey-based advertising network, Mad Ads Media, in order to redirect users to an exploit kit.
Biopharma companies need a secure digital signing infrastructure. SureClinical found an answer for them, reports Greg Masters.
After more than a year with company founder Jeremiah Grossman serving as interim CEO, WhiteHat has selected Craig Hinkley to fill the top spot.
It's clear that cyber-crimes are alive and well on the global stage and will only continue to be pervasive as long as organizations prolong taking the necessary defense measures to stop threats from slipping through the cracks.
Researchers described "Great Cannon" as China's latest internet censorship tool.
Google made the decision after investigating a security incident in which digital certs were "misissued."
5 Networks opened the doors to its new security operations center (SOC) facility at its Seattle headquarters today.
The challenge for security practitioners is to make the mobile ecosystem more trustable, reports Alan Earls.
Given the recent headline-grabbing breaches, in this month's debate information security professionals discuss whether or not money is safe online.
With so many of us visiting the web for social-networking, shopping, banking, paying bills and general surfing, it's imperative that companies ensure their web facing applications are secure and free from vulnerabilities.
With security incidents becoming a weekly, if not daily, occurrence, organizations need proactive, preventative security measures to protect themselves and their customers. Hear from a diverse panel of IBM Security experts.
Although the IBM z Systems platform is known for scalability and security, you still have to monitor who did what, when, why, where and how to ensure that information stays protected.
The New York Police Department's (NYPD) Captains Endowment Association website was hit by a cyber attack over the weekend.
Many of the largest data breaches recently were initiated by attackers targeting the weakest links—remote sites, supplier networks, and mobile workers.
In this video, Manoj Leelanivas, president and CEO of Cyphort, discusses how malvertising works, the impact of the threat, and how the issue can be addressed.
The Secure Socket Layer (SSL) protocol is under attack. In the last year, new vulnerabilities have been uncovered that allows malicious attackers to undermine security that organizations put in place to protect themselves and their end users sensitive information.
A vulnerable Google Maps plug-in for Joomla allowed attackers to spoof the source of DDoS attacks.
Government agencies have the opportunity to lower cost and improve both internal and Citizen-facing services by moving from static web-based information portals to leveraging the web as a service delivery platform.
Enterprises are racing to shore up on-premises and cloud defenses to avoid being the next security headline. Spending on security technologies is at an all-time high, but how confident are you in vendor decisions and the security architecture you are implementing?
As adversaries continue to innovate—designing attacks specifically tailored for your enterprise—being able to respond, contain and recover in a timely manner has never been harder.
Symantec warns of a phishing campaign that fools victims with fake emails from LinkedIn Support.
They may be the oldest tricks in the book, but SQL injection and cross-site scripting (XSS) attacks still put a hurt on thousands of web applications every year, impacting millions of users—your users and customers.
The rigidity of web application security controls has left the enterprise vulnerable to data breach.
The alliance defined specifications for devices, servers and client software that will help usher in the "post password" era.
A security expert estimates that around 10,000 legitimate websites were impacted by the campaign.
Threat of the month: Bash bug/Shellshock
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Hack of airplane systems described in FBI docs raises security questions
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes