Most enterprises, when addressing mobile security, focus on securing applications, such as the devices' operating systems, or preventing the installation of malware. But NIST cybersecurity experts say organizations should take a much broader approach to ensuring mobile security.
Yahoo's disclosure of 500 million stolen accounts, one of the largest-ever data breaches, comes after months of dark-web chatter that indicated the company may be the next victim following Twitter, LinkedIn and Dropbox.
To improve security, The Insurance Regulatory and Development Authority of India is requiring insurance companies to stop using internet servers outside India and to store all critical customer data domestically. The authority also is requiring insurers to take stringent measures to safeguard indigenous servers.
Cisco has patched another zero-day flaw stemming from the Shadow Brokers' leak of Equation Group tools and attack code. The technology giant warns that attackers have been exploiting the vulnerability.
Apple-FBI crypto debate update: A researcher successfully defeated an iPhone passcode using less than $100 in equipment. But the delicate procedure, if used on the San Bernardino shooter's iPhone, could have accidentally obliterated its data.
To help financial institutions better spot attempted fraud, the SWIFT interbank messaging network plans to begin offering voluntary "daily validation reports" to customers to flag unexpected senders, recipients or payments as well as unusually large payments.
The National Institute of Standards and Technology has issued a draft of a self-assessment tool that's designed to help enterprises gauge the impact and effectiveness of their cybersecurity risk management initiatives.
Microsoft has released a slew of security fixes to patch critical vulnerabilities, including in its IE and Edge browsers. One zero-day flaw, fixed via a Microsoft Office patch, has been exploited in the wild for more than two years.
Fancy Bear strikes again: the suspected Russian hacking group released confidential medical records for four U.S. Olympic athletes, falsely contending the documents prove illegal drug use by the Olympians.
The cybercrime sector involves a rapidly growing services economy that provides everything from bulletproof hosting and stresser/booter DDoS on demand, to ransomware-as-a-service and sites that offer to launder bitcoins via a process known as tumbling.
Two men have been arrested by Israeli police, at the request of the FBI, in connection with an investigation into the vDos site, which provided distributed denial-of-service - a.k.a. stresser or booter - attacks on demand.
SentinelOne, one of a batch of vendors using machine learning to conquer malware, says it will not integrate its behavioral detection engine into Google's VirusTotal service. CEO Tomer Weingarten claims the investment wouldn't provide a worthwhile return.
Two men allegedly tied to the hacking group "Crackas With Attitude" have been arrested as part of an investigation into hacks of U.S. government systems and senior government officials, including CIA Director John Brennan's personal AOL email account.