Security Awareness Training and Insider Threats
- March 24, 2020
What's happening at the 2020 RSA Conference? Our team keeps you up to date with pre-conference coverage and breaking news from the infosec world's biggest event.
- February 26, 2020
At an RSA Conference 2020 panel, Target explained how the company is using war gaming to simulate real attacks and data breaches in order to hone its incident response plan.
- November 07, 2019
A Trend Micro employee stole and sold customer support data, which was used by a malicious third-party actor to scam consumer customers of the cybersecurity company.
- September 12, 2019
Common security risks can be mitigated or prevented, according to a panel at DerbyCon. But users need to feel empowered to speak up, and education needs to be better.
- September 10, 2019
One expert showed the crowd at DerbyCon that proper attribution of a cyberattack requires multiple indicators in order to avoid being fooled by a false flag attempt.
- August 19, 2019
Confidence in the security of the 2020 election ran the gamut, depending on whom you asked at DEF CON's Voting Village, with local officials more optimistic than technologists.
- March 22, 2019
Facebook learned three months ago that hundreds of millions of passwords were stored internally in plaintext, but it didn't disclose the issue or notify users until the news leaked.
- March 07, 2019
Find out what's happening at the 2019 RSA Conference in San Francisco, the information security industry's biggest event, with breaking news and analysis by the SearchSecurity team.
- March 06, 2019
At the recent RSA Conference, FBI Director Christopher Wray called for public-private partnerships to fend off cyberadversaries and threats.
- February 15, 2019
More than two-thirds of employees share passwords with colleagues, research reveals. Experts sound off on what's fueling poor password practices and how to solve the problem.
- August 15, 2018
While burnout, depression and PTSD can affect anyone, infosec mental health still doesn't often get the attention it deserves; Black Hat 2018 attempted to change that.
- April 25, 2018
Rachel Tobac discusses how to train employees to avoid social engineering attacks and how individuals can keep themselves safe with awareness and by being 'politely paranoid.'
- December 13, 2017
According to a new survey from CA Veracode, breach awareness regarding recent major cyber incidents was low among executives, managers and directors, surprising some experts.
- April 06, 2017
Evidence points to Chinese hacking group APT10 conducting economic espionage in the breach of a trade policy group prior to U.S.-China trade summit talks in Florida.
- March 02, 2017
A new SEC filing details who knew about the major Yahoo security breach in 2014, but experts are confused by the repercussions of the announcement.
- December 22, 2016
Yahoo breach data from 1 billion users was sold to multiple groups on the deep web, and questionable breach reporting kept Yahoo from informing users for months.
- December 15, 2016
A second Yahoo breach was disclosed, with more than 1 billion accounts compromised and users left at risk of further attacks for three years.
- November 15, 2016
Experts debated various aspects of password security in the aftermath of the FriendFinder Network breach, which left 400 million user accounts exposed.
- September 23, 2016
Yahoo confirmed it was the victim of one of the largest breaches in history two years ago, when information on at least 500 million user accounts was stolen.
- August 30, 2016
Election registration databases in two states were attacked and the resulting voter data breach has led to questions of possible election tampering and inadequate state security.
- August 17, 2016
A PGP short ID collision attack on the creator of Linux brings to light a flaw that experts have known about for years with short ID keys.
- August 09, 2016
Oracle's MICROS PoS systems breached, possibly by Carbanak cybergang; Oracle issues mandatory password reset for customers.
- July 15, 2016
An investigation by a federal committee found the FDIC had multiple breaches, including an APT attack, spanning years but hid the hacks from Congress.
- June 21, 2016
Computer maker Acer was hit by a customer data breach of its e-commerce website, leaving approximately 34,500 customers' contact and payment information exposed for about a year.
- June 09, 2016
A rash of TeamViewer hacks has led to confusion concerning what the issues are and who is responsible for user security in this case.
- March 11, 2016
News roundup: DROWN attack affects millions of servers with an SSLv2 vulnerability; the Home Depot breach lawsuit settlement is pending; and Chinese smartphone-maker ZTE is sanctioned.
- February 11, 2016
An IRS hack has compromised thousands of tax returns, and the attack was made possible through the use of stolen Social Security numbers.
- September 25, 2015
News roundup: More fingerprint records were stolen during the OPM breach than originally reported. Plus: the $1 million iOS bounty; DHS CISO calls for harsher phishing policies; Safe Harbor in hot water.
- September 11, 2015
The U.S. Department of Energy became the latest government cyberattack victim after a report disclosed the agency had suffered more than 1,000 cyberattacks in a four-year span.
- August 13, 2015
Bitdefender suffered a data breach in which a hacker stole a small number of unencrypted usernames and passwords for active customers. The hacker then demanded $15,000 in ransom.
- July 24, 2015
News roundup: A wireless car hack demonstration has pushed vehicle security legislation and DMCA exemptions into the spotlight, and prompted a manufacturer recall. Plus: Hacking Team update; DHS email issues; and smartwatches vulnerable to attack.
- April 23, 2015
At RSA Conference 2015, John Pescatore offered real-world case studies proving that information security technologies can help prevent data breaches.
- March 27, 2015
As more data moves online, social engineering techniques are becoming increasingly advanced and traditional training methods may not be enough to keep enterprises safe.
- February 20, 2015
News roundup: Amid hidden add-ons, discontinued services and walled gardens, vendor trust proves elusive for several high-profile tech firms. Plus: Evidence ties North Korea to Sony Pictures hack; card brands boost cybersecurity; and cookies that ...
- February 06, 2015
News roundup: With the proposed 2016 federal budget and push for a national data breach law, Washington may finally care about cybersecurity. Plus: Coviello to retire; Flash patched again; Sony Pictures breached by Russians and loses its co-chair.
- February 05, 2015
Hackers have broken into a database at US health insurer Anthem said to contain the personal data of up to 80 million people.
- November 14, 2014
News roundup: A recent study revealed IT pros' confidence in implementing basic security measures is high, contradicting data that enterprises consistently fail to thwart basic attacks. Plus: BrowserStack hack lessons; responsible phishing reporting...
- October 29, 2014
State-affiliated actors, possibly tied to the Russian government, are thought to be behind a newly confirmed breach of the White House's unclassified computer network.
- August 22, 2014
News roundup: Heartbleed vulnerabilities, point-of-sale malware and phishing scams are nothing new, yet numerous companies continue to fall victim to them. Shouldn't the lesson be learned by now? Plus: HTTP Shaming, Dropbox improvements and more.
- August 15, 2014
News roundup: Pro golfer Rory McIlroy inadvertently revealed his passcode on live TV, highlighting how easy it is to inadvertently reveal sensitive information. Plus: BlackBerry and Google issue updates, and Gartner hit with Magic Quadrant lawsuit.
- January 16, 2014
Expert Joseph Granneman looks back at the 2013 Verizon DBIR and provides key takeaways for companies looking to avoid being part of the 2014 edition.
- April 03, 2012
Payment processor Global Payment is the latest poster child for PCI shortcomings and shoddy data security.
- March 20, 2012
The seventh annual Ponemon Cost of Data Breach Report analyzed 49 U.S. companies and found organizations with CISOs and a formal incident response plan helped cut costs.
- March 06, 2012
Alleged Anonymous, LulzSec hackers charged in connection with attacks on Sony, PBS, HBGary and others.
- January 25, 2012
Newly appointed Epsilon CISO Chris Ray said he will take a step back and get a better understanding of the business before trying to address gaps.
- January 05, 2012
Care2, a social network that promotes a variety of causes, announced a data security breach Dec. 28 in which hackers targeted account credentials on the company servers.
- December 30, 2011
Among the experts are Verizon’s Wade Baker on data breaches, Microsoft’s David Ladd on software security and Catalin Cosoi of BitDefender on targeted attack prevention.
- March 17, 2011
Company warns customers that SecurID product data was stolen in sophisticated attack.
- February 22, 2011
Security researchers at Trusteer warn that a new Trojan uses session ID tokens to keep banking sessions open long after customers think they have logged off.
- March 26, 2010
A day after his sentencing in the TJX hacking case, Albert Gonzalez is sentenced to 20 years in prison for Heartland
- June 01, 2004
Your desktop AV may be leaving you wide open to attack.