These top level numbers summarize the cybersecurity industry over the past year and indicate what's in store for the next five years.
CSO Online

Only about half of all countries have a cybersecurity strategy or are in the process of developing one, according to a new UN report.
Security

U.S. residents experienced an average of 250,000 hate crime victimizations each year from 2004 to 2015 and the majority of these were not reported to police, the Bureau of Justice Statistics (BJS) announced.
Security

HID Global announced that it has acquired Arjo Systems SAS, a provider of physical and digital identity solutions for secure government ID applications.
Security Today

Good news for some ransomware victims: The master key used to encrypt the original versions of Petya ransomware has been released.
Data Breach Today

Travel industry giant Sabre said Wednesday an intruder using stolen account credentials for its widely used reservations software had access to payment card details and personal information over a seven-month period.
Data Breach Today

Analytics can play a critical role in cracking down on identity fraud, says Shaked Vax, Trusteer products strategist at IBM Security, who explains how to use the latest tools to identify network intruders.
Data Breach Today

Federal regulators are reminding healthcare organizations not to overlook the security risks related to collaborative file sharing tools and other cloud-based services.
Data Breach Today

"Fake news" isn't just a political concept. It's also a component of the marketing hype about Europe's General Data Protection Regulation, says Jonathan Armstrong of the law firm Cordery. How can security leaders cut through the hype and focus on what's truly important to their business?
Data Breach Today

The Pentagon has finally inked a deal to pilot behavioral biometric technology to identify those using its computer networks, more than a year after then-CIO Terry Halvorsen first pledged to get rid of the ubiquitous Common Access Card.
fed scoop

If recently passed Federal IT Acquisition Reform Act legislation is the stick that Congress is using to push agencies toward modernization, MGT is the first carrot Congress is willing to give out to bring agencies up to speed.
fed scoop

NotPetya: How to Prep and Respond if You're Hit
DarkReading

Security researcher Billy Rios plans to demonstrate how an exploit can cause an IoT device to launch a physical attack against a human.
Dark Reading

The Internal Revenue Service is preparing to launch an educational series on phishing attacks and related warning signs.
Dark Reading

The traditional security operations center can't deal with present reality. We must rethink the concept in a way that prepares for the future.
Dark Reading

U.S. President Donald Trump on Sunday backtracked on his push for a cyber security unit with Russia, tweeting that he did not think it could happen, only hours after promoting it following his talks with Russian President Vladimir Putin.
Reuters

A California judge has granted a preliminary approval for Wells Fargo & Co's agreement to pay $142 million, and perhaps more, to customers whose credit scores were harmed by its employees creating fake accounts in their names, the bank said on Sunday.
Reuters

Hospitals, schools and universities must develop systems and processes to track when their protection technologies require repairs.
Campus Safety

New York City Mayor Bill de Blasio on Thursday unveiled a ten-year plan to introduce 100,000 jobs with annual salaries of $50,000 or greater by strategically investing in multiple industries, with a strong emphasis on cybersecurity.
SC Magazine

Following its delay in notifying patients affected by a data breach, CoPilot Provider Support Services will pay $130,000 as a condition of its settlement with New York Attorney General Eric Schneiderman, according to a post on Modern Healthcare.
SC Magazine

Hong Kong electoral officials have been slammed by the south Asian city state's data protection regulator after it failed to prevent the theft of laptops containing the information of all of Hong Kong's 3.7 million voters.
SC Magazine

The massive Mirai distributed denial of service (DDoS) attack that took down Dyn DNS last fall leading knocking out dozens of high-profile websites could have been much worse if the malicious actors had done a bit more research.
SC Magazine

South Korean firm NAYANA was hit with a Linux ransomware attack that demanded an unprecedented 550 Bitcoins (BTC) or $1.62 million ransom.
SC Magazine

More than 438,000 shoplifters and dishonest employees were apprehended in 2016 by just 23 large retailers who recovered more than $120 million from these thieves, according to the 29th Annual Retail Theft Survey by Jack L. Hayes International.
Security

The GW Center for Cyber and Homeland Security (CCHS) at the George Washington University is pleased to announce that it is currently seeking applicants for a new class of senior fellows for a two-year term that will begin in the fall of 2017.
Security

A survey has found that despite the benefits experienced from unplugging, most individuals prefer to stay connected.
Security

In 2016, a total of 142 failed, foiled and completed attacks were reported by eight EU member states.
Homeland Security News Wire

Prime Minister Theresa May on Monday vowed to crack down on extremism of all kinds, trying to soothe Muslim fears after a driver rammed a van into a crowd of worshipers in what police were treating as the latest in a string of terrorist attacks.
Wall Street Journal

Japan's Nikkei rose more than 1 percent to hit a near two-year high on Tuesday following a rebound in U.S. hi-tech shares as investors bet on solid growth in the economy and corporate profits globally.
Reuters

For at least two whole weeks, a database containing information on 198 million potential US voters – more than half of the American population – lay exposed on the internet, accessible to anyone who stumbled upon it while looking for unsecured assets.
Help Net Security

While the risks of 3rd party code are well known, the risks of using 3rd party containers are more obscure. In this article I will discuss one such risk: the introduction of 3rd party secrets; and look at examples from public registries.
Help Net Security

Wal-Mart is testing an app that matches online order delivery addresses with its employees' driving routes home so the workers can deliver packages ordered online as they drive home.
Security Magazine

Ecommerce fraud as a percent of sales dollars has been declining across the board, except for two industries, since the first quarter of 2016.
Security Magazine

The Board of Directors and C-level executives of organizations are increasing their monitoring and influence on their enterprise’s (physical and cyber) security measures.
Security Magazine

In their perpetual battle against external cyber threats, understanding and addressing evolving regulations and gathering resources to meet escalating security demands, Chief Information Security Officers (CISOs) are a busy, if not overburdened, bunch these days.
Security Magazine

OneLogin is reporting its recent data breach was made possible when a hacker obtained access to a set of Amazon Web Service keys through a third-party vendor.
SC Magazine

It's been a topic of discussion for some time: Cyber threats are serious risks to enterprises and it is the responsibility of the boards to provide oversight.
SC Magazine

China's new cybersecurity law went into effect on June 1, subjecting companies to stringent data privacy and protection guidelines, even as key questions linger around how it will be enforced, how easily businesses will be able to comply, and how much compliance will cost.
SC Magazine

Carnegie Mellon's Software Engineering Institute released a set of Best Practices for ransomware prevention and response.
SC Magazine

The physical security space is changing, with emerging threats, new criminal techniques, terrorism and hostile activism just of few of the drivers of change.
Security Magazine

The Littler Annual Employer Survey, 2017 reveals that the change occurring in Washington, D.C., and in local governments – combined with technological advances and shifts in how work is performed – is creating an unprecedented level of uncertainty in the workplace.
Security Magazine

Mexico has surpassed both Iraq and Afghanistan to become the world’s most violent country after Syria, says a study by the International Institute for Strategic Studies (IISS).
Security Magazine

Acting FBI Director Andrew McCabe said during a U.S. Senate Intelligence Committee hearing today that James Comey's removal as FBI director by President Donald Trump will have no impact on that agency's investigation of Russian influence in the 2016 election, which he labeled as having the highest priority within the agency.
SC Magazine

Researchers at Palo Alto Networks have spent the past five months examining a malware campaign that uses the Nemucod downloader to ultimately deliver a trojan that siphons out credentials, according to a post on the company blog.
SC Magazine

HID Global announced its extended portfolio of innovative Internet of Things solutions (IoT) with its latest offerings that help organizations take the leap to a new level of asset and equipment management.
Security Today

Last week, 10 new episodes of the popular Netflix Original show “Orange is the New Black” were leaked as a result of an attack on the streaming service’s postproduction company, Larson Studios. This breach and act of extortion further exposed a critical chink in enterprise cybersecurity that will continue to be a cause of similar detrimental cyber breaches if appropriate measures are not taken to defend against them.
Security Today

About 300 Spirit Airlines flights have been cancelled over the past seven days, leaving thousands of passengers angry. The airlines say the cancellations are due to its own pilots, and are currently suing them in a federal court.
Security Today

Cisco has plugged a critical security hole in over 300 of its switches, and is urging users to apply the patches as soon as possible because an exploit for it has been available for a month now.
Help Net Security

Three Chinese citizens, who have obtained millions from illicit stock trades based on insider information they stole from two US law firms by hacking, have been ordered to give back the money (including money given to Hong’s mother) and pay over $5 million in civil penalties.
Help Net Security

The Department of Homeland Security is planning to ban US-bound air travelers from Europe and the UK from carrying laptops and other large electronic devices in their hand luggage.
Help Net Security

Nine in 10 global cybersecurity and risk experts believe that cyber risk is systemic and that simultaneous attacks on multiple companies are likely in 2017, according to AIG.
Help Net Security

A majority of companies falsely believe their Active Directory (AD) is secure, according to a new survey conducted jointly by Skyport Systems and Redmond Magazine.
Help Net Security

White supremacists, emboldened by the 2016 elections and the current political climate, are currently engaged in an unprecedented outreach effort to attract and recruit students on American college campuses.
Homeland Security News Wire

Former Homeland Security secretary Tom Ridge says the majority of corporate boards and CEOs are unprepared for the challenges posed by rising cyber risk.
Wall Street Journal

The increasing use of mobile devices at work only increases the threat of security breaches. A survey form Check Point and Dimensional Research found that 64 percent of respondents said they are doubtful that their organizations can defend against a mobile cyber attack.
Information Age

New Continuous Diagnostics and Monitoring (CDM) tools being deployed at U.S. government agencies found huge numbers of uncatalogued and unmanaged computer devices connected to federal networks.
CyberScoop

Researchers at the University of Wisconsin-Madison (UW-Madison) have developed Internet Atlas, which they say is the first-ever detailed worldwide map of the Internet.
University of Wisconsin-Madison News

Department of Homeland Security Secretary John Kelly on April 18 said that the risk of a terror attack on the U.S. was "as threatening today" as it was on 9/11.
CNN

Dtex Systems' Insider Threat Intelligence Report reveals key security trends driven by malicious and negligent insiders that include a cross section of employees, contractors, and partners with access to corporate endpoints, data, and applications.
Yahoo Finance

A "massive and coordinated" hack was carried out against France's Emmanuel Macron's campaign, staffers said in a statement late Friday.
SC Magazine

The malware, discovered by Recorded Future and dubbed “Fatboy”, uses The Economist's Big Mac Index as a reference. The ransomware changes the amount of money it charges, so that victims in areas with a higher cost of living will be charged more to have their data decrypted.
SC Magazine

Eight in 10 bank customers want biometric authentication beyond the fingerprint in their mobile banking and payment apps, and 42% said they refuse to use mobile banking or payment apps that don’t have biometric authentication, according to a new survey.
Security Magazine

Researchers have designed an algorithm, inspired by the intelligent and social behavior of bee colonies, which allows law enforcement to attack and dismantle any type of social network that poses a threat, whether physical or virtual, such as social networks linked to organized crime and jihadist terrorism.
Homeland Security News Wire

An estimated 75 percent of California’s population lives in coastal counties. Sea-level rise, already underway, threatens hundreds of miles of roads and railways, harbors, airports, power plants, wastewater treatment plants, coastal wetlands, beaches, dunes, bluffs, and thousands of businesses and homes.
Homeland Security News Wire

When Hurricane Katrina struck Louisiana in 2005, cities inland saw an influx of evacuees escaping the storm and its aftermath. Now, a new study predicts that this could happen again as a result of sea-level rise.
Homeland Security News Wire

Researchers at Cornell University are developing a system to enable teams of robots to share information as they move around and, if necessary, get help in interpreting what they see, enabling them to conduct surveillance as a single entity with many eyes.
Security Magazine

Dtex Systems researchers found that 95 percent of enterprises surveyed had employees who are actively circumventing corporate security protocols.
Security Magazine

Another malicious app has finagled its way into the Google play store in the disguise of a seemingly benevolent flashlight app.
Security Magazine

The Mirai malware that has created massive botnets out of hijacked Internet of Things devices has met a formidable opponent in Hajime, a rival IOT worm whose intent may possibly be to declaw Mirai.
Security Magazine

April 19 may now be known as Oracle Patch Day with the company issuing and record 299 critical security fixes, including several that patch issues that can be exploited by some of the leaked NSA tools.
Security Magazine

News that Google may be imposing a series of restrictions in Chrome against digital certificates issued by Symantec is but the latest and most remarkable salvo in a dispute that stretches back years.
DarkReading

Edward Snowden shared his views of the implications of mass surveillance programs and the government's objective in implementing them.
DarkReading

Over a quarter of a million devices used with DVRs around the globe are susceptible to a new botnet its discoverers have dubbed Amnesia.
SC Magazine

A Chinese hacking group is accused of compromising the website of the National Foreign Trade Council in an apparent attempt to spy on the U.S. trade association's members in the days leading up to a key summit between President Donald Trump and Chinese President Xi Jinping.
SC Magazine

The U.S. Bill of Rights was written to protect individual liberties and to limit the powers of an overarching government but some privacy advocates fear courts may need reeducating as to how those principles apply in the digital age.
SC Magazine

The conversation around allegations that Russian hackers stole data and thousands of emails from the Democratic National party during the ramp up to the recent election is only escalating.
Security Magazine

Insider threat programs are necessary to allow the organization to prevent, detect, respond to and deter insider threats.
Security Magazine

According to a Pew Research study, the vast majority of Americans keep track of their passwords using much more traditional methods – specifically, by memorizing them or by writing them down on a piece of paper.
Security Magazine

Travel risk is a top priority among European companies, yet travel security risk mitigation programs are seen as undermined due to communication inefficiencies.
Security Magazine

Another year, another set of records broken. 2016 saw the most breaches, the most records breached, and the largest single breach – at least according to one report. News of the latest breach barely registers over the din of others.
Security Today

In a hearing with the House intelligence committee to speak on Russia’s involvement and coordination with Trump’s Campaign in the past election, FBI Director James Comey told representatives that there was “no evidence to support” Trump’s tweets that claim former President Obama wiretapped Trump Tower during the election cycle.
Security Today

The Internet of Things (IoT) raises many new issues for security professionals. Attendees who register for “The Pros and Cons of the Internet of Things” seminar at ISC West 2017 will come away with insights on new developments in networked solutions for the security industry and how they are impacting today’s systems.
Security Today

According to data from ACI Worldwide, while online transactions grew in the U.S. by 12 percent, there was a 43 percent increase in online fraud.
Security Today

A new report from security firm Gemalto concludes that consumers are putting the responsibility for protecting their personal data in the hands of the organizations holding their data, rather than themselves.
ZDNet

Two men in Florida have pleaded guilty to helping operate an unlicensed bitcoin exchange, Coin.mx, as a result of a wide-ranging government investigation into a massive scheme that involved hacking into multiple financial institutions, including JPMorgan Chase.
Bank Info Security

Companies involved in mergers and acquisitions are increasingly targeted with cyberattacks that could potentially derail the deals, says Bryce Boland of FireEye (see: Inside An Elite APT Attack Group).
Bank Info Security

The National Institute of Standards and Technology has published a draft of its first revision to its cybersecurity framework, describing it as an update, not a major overhaul.
Bank Info Security

Don’t hold your breath for drones to deliver soap, batteries, or other goods to your house anytime soon. Unless, that is, you happen to be taking part of a staged-drone delivery test.
Fortune

Establishing enterprise risk management processes for any entity involves common pitfalls including the failure to link risk management to strategy setting, discussed here by Jim DeLoach and Shawn Seasongood of consulting firm Protiviti Inc. Additionally, areas of focus for insurers in particular are included.
Business Insurance

From package delivery to props in major sporting events, drones continue to play major roles in everyday life. But are enterprises prepared for “The Rise of the Drones” in their operations?
Security Magazine

Only about half of the violent crimes and a third of the property crimes that occur in the United States each year are reported to police.
Security Magazine

Federal law enforcement officials conducting a criminal probe of heavy machinery manufacturer Caterpillar Inc searched three of its facilities on Thursday, prompting a sharp sell-off in the company's stock.
Reuters

A security lapse at content distribution network provider Cloudflare that resulted in customer data being leaked publicly for several months was bad - but had the potential to be much worse.
DarkReading

Yahoo's CEO Marissa Mayer won't be getting certain bonuses, according to a filing with the SEC on Wednesday, as the fallout from the massive security breach continues to roil the company.
Fox Business

A report released Wednesday finds that the size of computer security breaches at U.S. companies is increasing, and that more than a quarter of companies don't have a computer security plan in place.
USA Today

The buzzword in drone research is autonomous — having the unmanned aerial vehicle do most or all of its own flying. Researchers are using artificial intelligence, called fuzzy logic, to get drones to navigate and land themselves on moving platforms.
Homeland Security News Wire

Whether a nation should retaliate against a cyberattack is a complicated decision, and a new framework guided by game theory could help policymakers determine the best strategy.
Homeland Security News Wire

ISIS’s suicide attacks resemble Japan’s use of kamikaze pilots in the Second World War, says a new study which looked at nearly 1,000 ISIS suicide operations in one year.
Homeland Security Newswire

Howard A. Schmidt, former White House cybersecurity coordinator, executive director of SAFECode and trusted SC Media editorial advisory board member, passed away Thursday.
SC Magazine

Researchers have spotted a sudden resurgence of the Windows-based ransomware CryptoLocker early this year, specifically identifying clusters of attacks targeting Italy, Dutch-speaking victims, and even the U.S.
SC Magazine

With Skynet and "I, Robot" seeming less like science fiction and more like an eventual reality thanks to tech advancements, Atlantic Council's Cyber Statecraft Initiative Senior Fellow Jason Healey warned members of Congress Wednesday of the threats posed by robotic soldiers and artificial intelligence that could enable cyberespionage or worse.
SC Magazine

Users of Apple's macOS system will begin seeing more warnings as they browse or attempt to download files, according to a Google blog.
SC Magazine

More than 10,000 Web sites were taken down in an attack launched over the weekend that was aimed at sites hosting child pornography, according to reports.
Enterprise Security Today

Carnegie Mellon University student who developed and sold malicious software through an online cybercriminal marketplace that allowed others to remotely control Google Android smartphones has been sentenced to three years' probation.
Enterprise Security Today

Businesses need smarter tools to battle today's wide ranging and fast-evolving IT security threats, which is the reason Hewlett Packard Enterprise (HPE) has added a company called Niara to its arsenal.
Enterprise Security Today

The heavily freighted idea of an “Islamic bomb” has been around for some decades now. The notion behind it is that a nuclear weapon developed by an “Islamic” nation would automatically become the Islamic world’s shared property – and more than that, a “nuclear sword” with which to wage jihad.
Homeland Security News Wire

A recent study published by researchers from Syracuse University’s School of Information Studies (iSchool) reveals that the general public has a poor understanding of the workings of online behavioral advertising, and the privacy implications behind the information that advertisers gather.
Homeland Security News Wire

Facebook and Manhattan prosecutors went to New York state's highest court Tuesday to settle a legal dispute over search warrants for users' accounts, a closely watched case with big implications for online privacy.
Enterprise Security Today

A heavily revised draft of President Donald Trump's executive order on cybersecurity lays out initiatives to build upon the previous administration's IT security programs rather than to radically change them.
Data Breach Today

Russian security vendor Kaspersky Lab says hackers using fileless malware to stay undetected have compromised as many as 140 banks, government organizations and telecommunications companies.
Data Breach Today

A 52-year-old former U.S. Navy officer and longtime government contractor who allegedly hoarded an enormous stash of classified data in his house and car was indicted by a federal grand jury on Feb. 8, the Justice Department says.
Data Breach Today

Just like epidemiologists studying disease outbreaks, cybersecurity professionals can benefit from identifying and mitigating certain behaviors, says Dr. Elizabeth Lawler, an epidemiologist who is CEO of Conjur, a data security firm.
Data Breach Today

Banks are seeing intensifying attacks against their cash machines, which has prompted an industry group to collect more fine-grained detail on the incidents for defenders.
Data Breach Today

Hackers have stolen customer credit card information from an unknown number of Arby’s restaurants, according to a report on Thursday.
Fortune

U.S. authorities are investigating whether Yahoo Inc.’s two massive data breaches should have been reported sooner to investors, according to people familiar with the matter, in what could prove to be a major test in defining when a company is required to disclose a hack.
Wall Street Journal

Protesters opposed to the Dakota Access Pipeline are gearing up for a new round of clashes after the inauguration of President Donald Trump. So are oil companies—and the private security firms they have hired to police the protests.
Wall Street Journal

Video surveillance, remote monitoring and facial recognition are critical security tools in retail security and loss prevention.
Security Magazine

Late last year, ESG published a research report titled, Through the Eyes of Cyber Security Professionals, in collaboration with the Information Systems Security Association (ISSA). As part of this report, 437 cybersecurity professionals and ISSA members were asked if they’d experienced a number of types of security incidents
NetworkWorld

As cybersecurity incidents continue to increase in both complexity and frequency, businesses of every size in every industry and in just about every country across the globe are recognizing the glaring need for stronger defense strategies.
Security Magazine

Even after being hacked, most Americans fail to properly protect their online personal information online.
Security Magazine

It's likely that your approach to cloud infrastructure adoption was cautious at first. You may have limited your focus to rapid provisioning, or reducing equipment and operational costs.
Enterprise Security Today

Lloyds Banking Group suffered an online attack lasting two days as cyber criminals attempted to block access to 20m UK accounts.
Enterprise Security Today

Microsoft is now calling out anyone who passed on the update and still using Windows 7, especially those in an enterprise setting. It says that operating system is outdated, and even with patches, it's not secure enough.
Enterprise Security Today

Hackers have reportedly devised a new phishing method which seems to be tricking even the most experienced and tech savvy users into revealing their account details.
Enterprise Security Today

About 218,000 unencrypted private messages posted to the AlphaBay dark web marketplace have been accessed and released to the public, according to several posts on Reddit.
SC Media

A large U.S. cable company fumbled its attempt to engage customers this week when it advised subscribers to change their Wi-Fi passwords to either GO_NEWENGLAND" or "GO_ATLANTA" to support their Super Bowl team of choice.
SC Media

Facebook is celebrating Data Privacy Day by introducing the new Privacy Basics feature to control who see what its users share on the platform.
SC Media

Trend Micro may be one of the world's biggest vendors of cybersecurity solutions, but that hasn't made it immune from hacks into its software, according to a report on Forbes.
SC Media

The Department of Homeland Security has added the U.S. election infrastructure to the list of protected critical infrastructure sectors of the economy.
Homeland Security News Wire

Researchers from the Swedish Institute of International Affairs, Sweden’s leading foreign policy institute, have written that Russia has been using fake news, false documents, and disinformation as part of a coordinated campaign to influence public opinion and decision-making in Sweden.
Homeland Security News Wire

More than 30,000 people die each year from gun violence in the U.S., a higher rate of death than any industrialized country in the world.
Homeland Security News Wire

The FDA confirmed that St. Jude Medical’s implantable cardiac devices are vulnerable to hacking. Once hackers gain access to the device, they could deplete the battery or administer incorrect pacing or shocks.
Homeland Security News Wire

Around the world, more than 1.2 billion people lack access to basic electricity service.
Homeland Security News Wire

The World Economic Forum (WEF) said that large-scale terrorist attacks – not only lone-wolf attacks — are among the likely threats for which states must prepare in 2017.
Homeland Security News Wire

Researchers have made a discovery that could help conquer the greatest threat to global food security – pests and diseases in plants.
Homeland Security News Wire

Blockchain ledgers could better secure cameras and sensors monitoring the movement of travelers and trade goods
Homeland Security News Wire

The head of an exam board is warning that undetected qualifications fraud in the security industry is becoming a "risk to public safety".
BBC News

Insider threat has become an increasingly prevalent concern for organizations, and the damage from breaches caused by current or former employees, contractors or partners misusing access credentials can be devastating.
Security Today

Varied delivery methods, stronger encryption, and publicized code drove a 400-percent increase in the number of ransomware families found between January and September of 2016.
DarkReading

Worldwide IoT spending is forecast to reach $737 billion in 2016 as organizations invest in the hardware, software, services, and connectivity that enable the IoT.
Help Net Security

Nearly half of organizations are investing in a security strategy for the Internet of Things (IoT), according to the PwC Global State of Information Security survey of more than 10,000 participants in 133 countries.
siliconrepublic

There is an "imminent danger" of cyberattacks targeting privately owned infrastructure used to deliver electricity to U.S. homes, hospitals, and businesses, according to the U.S. Energy Department's Quadrennial Energy Review.
FedScoop

CIOs will invest in new analytics technology that can anticipate and identify a variety of cyberthreats in 2017.
CIO

The National Association of Corporate Directors (NACD) recently released a Cyber-Risk Oversight Handbook in an effort to set standards for corporate board leadership.
CSO Online

According to Mark Stokes, Scotland Yard's head of digital, cyber and communications forensics unit, cops are being trained to rely on evidence from IoT devices.
Network World

The BYOD (bring your own device) issue gives IT managers and internet security contractors plenty to fret over.
Utah Business

The United State Department of Health and Human Services sent a letter to officials in the public health sector warning of potential terrorist attacks.
Campus Safety

Researchers have created a robotic security kiosk to help border security agents determine whether travelers coming into Canada may have undisclosed motives for entering the country.
Phys Org

Citing increasingly sophisticated cyber bad actors and an election infrastructure that's "vital to our national interests," Homeland Security Secretary Jeh Johnson is designating U.S. election systems critical infrastructure, a move that provides more federal help for state and local governments to keep their election systems safe from tampering.
AP

Today, Reps. Jared Polis (D-Colo.) and Kevin Yoder (R-Kan.) reintroduced the Email Privacy Act, legislation that modernizes America’s digital privacy laws by establishing protections against warrantless searches of private emails.
JaredPolis

Of the many questions left unanswered by the American intelligence agencies’ accusation that Russia’s president, Vladimir V. Putin, led a multilayered campaign to influence the 2016 presidential election, one stands out: Why did it take the Obama administration more than 16 months to develop a response?
New York Times

The California Department of Insurance on Friday released the examination findings and settlement agreement concerning the cyber security breach of health insurance giant Anthem Inc., which compromised 78.8 million consumers' records.
Lake County News

It’s one thing to boycott a company as a way to press them to change a bad business practice, like Nike and Apple’s violation of child labor laws, Chik-fil-A’s alleged anti-gay hiring practices or Amazon’s repressive employment conditions at its warehouses.
Forbes

Cloud security is now the most difficult IT skill for employers to find in the job market, according to analysis of the top 10 hardest-to-find technology skills by Burning Glass Technologies.
Security Magazine

According to a new study, nearly 17 percent of users are safeguarding their accounts with “123456.”
Security Magazine

eBay is developing a new authentication program for some of its higher-end items to create a network of professional authenticators it can use to verify that products are legitimate.
Security Magazine

A large percentage of organizations have an emergency communication plan, but they take too long to implement, says a new study.
Security Magazine

The National Consortium for the Study of Terrorism and Responses to Terrorism (START) has released its latest data tool, the Profiles of Individual Radicalization in the United States (PIRUS) dataset.
Homeland Security News Wire

President Barack Obama signed Friday the National Defense Authorization Act, legislation that includes a provision he opposes to leave the leader of the newly-elevated U.S. Cyber Command as the head of the National Security Agency as well.
Gov Info Security

Trump Taps Bossert as Assistant to the President for Homeland Security and Counterterrorism
Gov Info Security

As cybercriminals continue to wage more sophisticated, well-funded attacks, it's more urgent than ever to attract qualified professionals to careers in cybersecurity, says Symantec CTO Dr. Hugh Thompson.
Bank Info Security

In an audio interview, Steve Durbin, managing director of the Information Security Forum, offers a forecast of the top security threats for the year ahead, including the ramping up of attacks fueled by "crime-as-a-service" offerings.
Bank Info Security

New anti-surveillance clothing has been developed, allowing wearers to prevent security cameras which use facial recognition technology from recognizing them. The clothing uses complex colored patterns of digitalized faces, and parts of faces, to overload and trick facial recognition software.
Homeland Security News Wire

Currently, utility companies in North America have procedures and capacity to handle localized power outages caused by events such as extreme weather and high usage on hot days.
Homeland Security News Wire

At a time of heightened focus on U.S. cybersecurity risks, the Energy Department released a comprehensive report on the nation’s rapidly changing electrical grid Friday that calls for new action to protect against evolving threats.
Washington Post

The U.S. National Institute of Standards and Technology (NIST) has released its Guide for Cybersecurity Event Recovery to help organizations develop, test, and improve their cybersecurity recovery plans.
NIST

Almost 200 employees and contract workers of the Department of Homeland Security over the last 10 years have taken nearly $15 million in bribes while protecting U.S. borders and enforcing immigration laws, according to a New York Times review of court records and internal agency documents.
New York Times

The consumer drone market is expected to be worth $5 billion by 2021, with drones sporting a range of features from high-definition cameras to GPS.
Reuters

The Baltimore Sun Share to FacebookShare to Twitter (12/7) reports that Maryland State Attorney Marilyn J. Mosby announced the official launch of a unit of “elite” prosecutors and detectives on Wednesday.
The Baltimore Sun

The records of more than 1 billion users of Yahoo email that were hacked around 2013 began to be quietly offered for sale last August, according to Andrew Komarov, chief intelligence officer at InfoArmor, an Arizona cybersecurity firm, who monitors the dark corners of the internet inhabited by criminals, spies, and spammers.
New York Times

Stronger firearm laws are associated with reductions in firearm homicide rates, concludes a study which reviewed all available articles published in peer-reviewed journals from January 1970 to August 2016 that focused specifically on the connection between firearm homicide and firearm laws.
Homeland Security News Wire

Elbit Systems will use the Israel HLS & Cyber Conference, taking place this week in Tel Aviv, to unveil its ReDrone system, a solution for protection of closed air spaces, national infrastructures, and other critical areas against hostile drones penetrating the protected perimeter.
Homeland Security News Wire

Precautionary approaches to governance of emerging technology, which call for constraints on the use of technology whose potential harms and other outcomes are highly uncertain, are often criticized for reflecting “risk panics,” but precaution can be consistent with support for science.
Homeland Security News Wire

U.S. Bank Stadium is not just a location, but an epicenter of security technology, excitement and Minnesota pride.
Security Magazine

This fall, the Ponemon Institute released its Fourth Annual study, Is Your Company Ready for a Big Data Breach? on data breach corporate preparedness, which revealed that 52 percent of companies experienced data breaches just this past year alone.
Security Magazine

Ransomware can be likened to global warming. It’s been around for years, but it’s now becoming an epidemic which needs serious attention.
Help Net Security

The rapid pace of technological and societal change has given government CIOs a new sense of urgency and a willingness to experiment with smart city and open data initiatives, according to Gartner.
Help Net Security

IT security is usually focused on how to prevent outsiders with malicious intent from causing harm to your IT systems and data.
Help Net Security

The same family of malware that was used to hack into U.S. Democratic National Committee systems has also been found infecting an Android app used by artillery units defending eastern Ukraine after Russia invaded Crimea in 2014, according to the cybersecurity firm Crowdstrike.
Data Breach Today

The same family of malware that was used to hack into U.S. Democratic National Committee systems has also been found infecting an Android app used by artillery units defending eastern Ukraine after Russia invaded Crimea in 2014, according to the cybersecurity firm Crowdstrike.
Data Breach Today

Memo to would-be cybercriminals: Want to move stolen money internationally to bank accounts that you control? Need to route funds to a few money mules to get it laundered? Don't do it from a system tied to an IP address registered to your home.
Data Breach Today

Community Health Plan of Washington, a not-for-profit insurance company, says a security vulnerability on the computer network of a business associate that provides it with technical services resulted in a breach affecting nearly 400,000 individuals.
Data Breach Today

Symantec CTO Hugh Thompson Offers 2017 Threat Assessment
Data Breach Today

The Obama administration has failed to reach agreement with 40 other nations on modifying a non-binding export control agreement that it says could hurt cybersecurity.
Data Breach Today

Leading this latest edition of the ISMG Security Report: The growing momentum in Congress to establish a select committee to investigate breaches the American intelligence community has tied to the Kremlin to influence the U.S. presidential election.
Data Breach Today

The National Governors Association, in a new road map for improving nationwide secure health data exchange, proposes that states attempt to better align their privacy laws to the federal HIPAA Privacy Rule to help remove legal barriers.
Data Breach Today

Ohio Governor John Kasich signed a bill that could allow licensed guns onto public college campuses Monday.
Campus Safety

Officials at the University of Nebraska Lincoln campus announced the school was the victim of a large computer security breach Tuesday.
Campus Safety

Cybercriminals out of Russia are behind a newly discovered massive online advertising fraud operation hiding in plain site that steals up to $5 million per day from big-name US advertisers by posing as some 6,000 major US media sites including The Huffington Post, Fortune, ESPN, CBS Sports, and Fox News, and generating fake ad impressions.
Dark Reading

The security officer industry is facing major changes, as consolidation alters the landscape.
Security Magazine

Edge360 has begun the worldwide rollout of the PSIM solution as part of a recently awarded $73 Million contract from the Department of State.
Security Today

It’s an exciting time to be in the security industry, as evidenced by the successful year we have seen in regards to technology innovations, mergers and acquisitions, and a renewed sense of pride in the industry.
Security Today

When employees use corporate networks to access social media such as Facebook, they open the door to a new set of security concerns.
Security Today

ADT today announced that Joe Nuccio has joined the company as Senior Vice President, Business Development.
Security Today

The president's Commission on Enhancing National Cybersecurity today released a 100-page report that called for greater cooperation between the government, the private sector, educational institutions and even individual Americans with the goal of protecting and defending the nation's critical cyber infrastructur hie
SC Magazine

The “dark web” has long had an ominous appeal to Netizens with more illicit leanings and interests. But given a broadening reach and new technologies to access this part of the web and obfuscate dealings here, the base of dark web buyers and sellers is likely growing.
SC Magazine

The Russian intelligence service said it has stopped a planned cyberattack on that nation's banks that was slated to launch on December 5.
SC Magazine

What malicious sites provide both free and paid access to stolen credit cards, company databases, malware and more?
Dark Reading

As an increasing number of devices — from cars to light bulbs to kitchen appliances — connect with computer networks, experts are raising concerns about privacy and security.
Homeland Security Newswire

Everyone benefits from Network Time Protocol, but the project struggles to pay its sole maintainer or fund its various initiatives
InfoWorld

Mozilla and the Tor Project have released security updates that fix the Firefox 0-day flaw that was spotted being exploited to de-anonymize Tor Browser users.
Help Net Security

The ransomware attack that hit the San Francisco Municipal Transportation Agency last Friday is just one of many mounted by the same attacker.
Help Net Security

Social engineering is having a notable impact on organizations across a range of industrial sectors in the US.
Help Net Security

A study of twenty major cloud hosting services has found that as many as 10 percent of the repositories hosted by them had been compromised -- with several hundred of the "buckets" actively providing malware.
Homeland Security News Wire

Microsoft’s latest Security Intelligence Report highlights the tactics of the PLATINUM hacking group, which seeks to steal intellectual property related to government interests.
eweek

The National Security Agency is the nation’s digital spying organization. U.S. Cyber Command is a military unit focused on cyberwarfare. Does it make sense for one person to lead them both at the same time?
Homeland Security News Wire

CDC has awarded more than $14 million to fund new approaches to combat antibiotic resistance, including research on how microorganisms naturally present in the human body (referred to as a person’s microbiome) can be used to predict and prevent infections caused by drug-resistant organisms.
Homeland Security News Wire

Despite the growing likelihood that organizations will experience a security incident, most executives are not updating or practicing their data breach preparedness plans, according to a recently released study.
CIO

Security experts warn that the recent cyberattack that took down more than 1,200 websites is a sign of things to come, as individual hackers as well as state-sponsored adversaries have easy access to powerful attacks.
Wall Street Journal

A U.S. bank regulator on Friday disclosed a data breach involving a former agency employee's unauthorized removal of more than 10,000 records.
Wall Street Journal

Weak security practices are putting patient data at risk, new SecurityScorecard report shows.
Dark Reading

Leading research company Opinium surveyed 3,457 consumers across the U.K., U.S., Germany, France, Italy, Denmark, Spain, Sweden, and the Netherlands to gauge perceptions, attitudes, and experiences regarding online fraud, security, and cybercrime.
Security Magazine

As is the case with much of America’s aging infrastructure, many of the country’s estimated two million dams are obsolete, costly, aging, and unsafe.
Homeland Security News Wire

News organizations widely report that there are 11 million unauthorized immigrants living in the United States.
Homeland Security News Wire

NIST released a resource that will help U.S. employers more effectively identify, recruit, develop, and maintain cybersecurity talent.
Homeland Security News Wire

Addressing the implications of cybersecurity threats for the stability of international world order, an expert acknowledged that states will find it difficult to maintain cybersecurity in an increasingly porous and congested cyberspace, but said that cyber-experts exaggerate the threat to essential state infrastructures.
Homeland Security News Wire

A key difference between cybersecurity threats and other security threats is the mismatch between public and private capabilities and levels of authority in responding to these threats.
Homeland Security News Wire

As a global population we are awash with conspiracy theories.
Homeland Security News Wire

Distant wastewater disposal wells likely induced the third largest earthquake in recent Oklahoma record, the 13 February 2016, magnitude 5.1 event roughly thirty-two kilometers northwest of Fairview, Oklahoma. at the time, the Fairview earthquake was the largest event in the central and eastern United States since a 2011 magnitude 5.7 struck Prague, Oklahoma.
Homeland Security News Wire

A prolonged Internet outage prevented access to major sites like Twitter, Netflix, Spotify, and the New York Times on Friday.
Homeland Security News Wire

The U.S. government has updated and published a new list of exemptions to the Digital Millennium Copyright Act.
ZDNet

Charges against NSA contractor Harold Martin of stealing government documents and mishandling classified information over two decades are raising questions about the government's ability to police employees and contractors who hold clearances.
New York Times

About one-third of targeted attempts to breach corporations' cyber defenses succeed, but three-quarters of executives remain confident in their security strategies, according to Accenture's survey of 2,000 security officers.
Bloomberg Technology

Between 300,000 and 600,000 are stolen in the United States every year – for an average of more than 1,600 guns stolen every day, or more than one every minute.
Homeland Security News Wire

The estimated number of privately owned guns in America grew by more than seventy million — to approximately 265 million — between 1994 and 2015.
Homeland Security News Wire

witter service in Japan and parts of the United States was down earlier today (Monday), shortly after WikiLeaks claimed that its servers had been subjected to a cyberattack.
Homeland Security News Wire

China adopted a controversial cyber security law on Monday to counter what Beijing says are growing threats such as hacking and terrorism, but the law triggered concerns among foreign business and rights groups.
Reuters

One in three cyberattacks results in a security breach, but most organizations are confident in their defense strategies, according to a new Accenture report.
Dark Reading

The number of people who reported being victims of identity theft in affidavits to the IRS has “fallen dramatically” this year, IRS Commissioner John Koskinen said Thursday.
The Hill

Foreign companies operating in China have been worried since China's government approved a broad new cybersecurity law aimed at tightening and centralizing state control over information flows and technology equipment.
Wall Street Journal

Quantum computing and big data analytics offer great leverage against growing cyberthreats, according to U.S. National Nuclear Security Administration (NNSA) CIO Wayne Jones.
FCW

According to a recent report by Blancco Technology Group, 32 percent of mobile users are willing to trade in their old phones to help pay for a new device, while another 23 percent would sell their old phones outright.
NetworkWorld

Researchers report in a new paper that they have uncovered a flaw in a wireless technology that is often included in smart home devices like lights, thermostats, and many of the components of the "smart home" of the future.
New York Times

The Internet of Things has alarming holes in security. The industry should look to video games for some answers.
Dark Reading

he US government should explicitly prohibit private entities from "hacking back," but empower them to use other methods of so-called active defense against threat actors, according to members of the Active Defense Task Force at the George Washington University's Center for Cyber and Homeland Security (CCHS) in a report today
Dark Reading

Could the presidential election be hacked? Given the latest embarrassing breach of even the supposedly most secure of enterprises, yet another insider theft within the National Security Agency (NSA), a better question is how can it be hacked, according to IT security experts queried by SCMagazine.com.
SC Magazine

Despite its reputation as a nefarious terminal for illicit activities, the dark web is mostly legal, says a new research report from Terbium Labs.
SC Magazine

A malvertising campaign has been discovered on Google AdWords, targeting Macs. Should businesses be getting up to speed with Mac threats?
SC Magazine

Violent crime levels did not rise last year in the United States, according to the National Crime Victimization Survey (NCVS), which is administered by the Justice Department.
Security Magazine

The cyber threats we experience today have become frequent, complex and challenging. As such, their impact on organizations have increased substantially.
Security Magazine

Microsoft says a zero-day flaw in Windows that was publicly revealed by Google - before a patch was ready - was being exploited by Russian hackers via spear-phishing attacks.
CareersInfo Security

A lack of understanding among senior leaders about the seriousness of cyber threats and a shortage of experienced information security staff are two key factors that make the healthcare sector vulnerable to cyberattacks, says Dave Summitt, CISO of the H. Lee Moffitt Cancer Center and Research Institute in Tampa, Fla.
CareersInfo Security

Overreliance on smartphones, both in out personal and professional lives, is a reality for many of us. These devices hold a lot of sensitive information – information that could be worth a lot to some people, especially if you are a high-positioned executive in a thriving business.
Help Net Security

Cisco unveiled a new approach to endpoint security. AMP for Endpoints offers a path to more effective endpoint security.
Help Net Security

The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) released a resource that will help U.S. employers more effectively identify, recruit, develop and maintain cybersecurity talent.
Help Net Security

Management liability lawsuits pose a threat to companies both large and small.
Risk & Insurance

According to industry experts, there are a wide variety of trends on the horizon for video surveillance from both a technology and business perspective.
Security Info Watch

The East Coast was under siege on Friday morning from a large-scale distributed denial of service (DDoS) attack that brought down more than a dozen prominent websites, including Twitter, Spotify, Netflix, GitHub, Amazon and Reddit. The initial attack was followed later in the day by at least two more waves of attack.
SC Magazine

Web hosting service Weebly has confirmed a major data breach, following a LeakedSource.com report stating that 43.4 million accounts were stolen from the company's main database in February 2016. This number would effectively comprise Weebly's entire 40 million-plus customer base.
SC Magazine

More details are emerging about the culprits behind hacks of the Democratic National Committee (DNC) and campaign staffers working for Hillary Clinton.
SC Magazine

A Chinese cyber attack targeting a U.S. Defense Department contractor was linked to the OPM hack and a separate attack targeting government officials on a U.S. aircraft carrier was also attributed to China.
SC Magazine

In preparation for the organization of the 115th Congress, the co-chairs of the Blue Ribbon Study Panel on Biodefense last week delivered a letter to Congressman Pete Sessions (R-Texas), chair of the Committee on Rules, asking that special consideration be given to the jurisdiction of the House Committee on Homeland Security.
Homeland Security News Wire

Half of American adults – more than 117 million people – are in a law enforcement face recognition network, according to a report released today by the Center on Privacy & Technology at Georgetown Law.
Security Magazine

The Defense Department has awarded a contract to HackerOne and Synack to create a new contract vehicle for DoD components and the services to launch their own ”bug bounty” challenges, similar to the “Hack the Pentagon” pilot program, with the ultimate objective to normalize the crowd-sourced approach to digital defenses, Pentagon officials announced today.
Homeland Security News Wire

Digi Security Systems announces that it has partnered with Axis Communications to offer customers an even wider range of video security camera products suitable for customers across all industries and applications.
Security Today

Keeping up with the latest vulnerabilities -- especially in the context of the latest threats -- can be a real challenge. Real-time analysis and proactive response to these new threats is only possible using real-time feeds of the latest and greatest vulnerability data.
Dark Reading

AT&T Inc.’s blockbuster $85.4 billion deal to buy Time Warner Inc. promises to reshape the media landscape—if the companies can navigate a series of obstacles, including possible opposition from U.S. antitrust authorities and objections by lawmakers and media and telecom rivals.
Wall Street Journal

US-based DNS provider Dyn has suffered a massive DDoS attack earlier today, and it resulted in many websites being completely or intermittently inaccessible for a few hours.
HelpNetSecurity

Researchers from three universities combined their expertise to demonstrate the first complete sabotage attack on a 3D additive manufacturing (AM) system, illustrating how a cyber attack and malicious manipulation of blueprints can fatally damage production of a device or machine.
HelpNetSecurity

The results of Symantec’s State of European Data Privacy Survey, which was conducted through interviews with 900 business and IT decision makers across the UK, France and Germany, shows 91 percent of respondents have concerns about their ability to become compliant.
HelpNetSecurity

As the world becomes more connected, all organizations face growing risks for cybersecurity attacks: the number of breaches exposing more than 10 million identities went up 125 percent from 2014 to 2015, and 429 million identities were exposed in breaches in 2015.
Security InfoWatch

Bosch Security Systems, Inc. announces seamless integration of its IP and high definition (HD) cameras and recording solutions with Tyco Security Products’ C•CURE 9000 security and event management platform from Software House.
Security InfoWatch

If medical devices have cybersecurity problems, the U.S. Food and Drug Administration doesn't want to stand in the way of companies moving quickly to fix them.
Security InfoWatch

The young father stashed circuitry components, a soldering iron and wireless remotes in his west Houston apartment with plans to detonate homemade bombs in local shopping malls, according to court documents.
Security InfoWatch

According to a consumer study conducted by the Ponemon Institute in 2014, nearly a third of respondents noted they discontinued their relationship with a company following a data breach due to the way the company responded to the breach.
Securitry InfoWatch

Security and privacy concerns surrounding connected car technologies impact not only consumer automobiles but entire fleets of corporate and municipal vehicles used for transportation, logistics, law enforcement and other business and government needs.
SC Magazine

Microsoft today issued 10 bulletins covering 45 vulnerabilities, including 5 zero days for this month's Patch Tuesday update, the first using the company's new update methodology.
SC Magazine

It took two months, but employing as many as 3,000 CPUs, researchers have found a way to place backdoors in the cryptographic keys that protect websites, virtual private networks and internet servers, according to Ars Technica.
SC Magazine

Phishing remains one of the top threats seen by organisations today. Threat actors use various social engineering tricks to convince users that their requests for information or money transfers are legitimate.
SC Magazine

Drones (UAVs) have been around for many years, but with the wide adoption that is beginning to occur new conflicts have arisen that are causing heightened awareness of the potential threat that this technology can pose to physical security and critical infrastructure.
Security Magazine

American ports, terminals, ships, refineries and their support systems are vital components of our nation’s critical infrastructure, national security and economy.
Security Magazine

College campuses historically have been shy about emphasizing their security policies and procedures, not wanting anxious parents or prospective students to think that a visible security force, camera equipment or other evidence of being watchful means their students are particularly vulnerable.
Security Magazine

Verizon is reportedly awaiting the full results of a digital forensic investigation into the record-setting Yahoo data breach to ascertain whether it will revise its $4.8 billion bid to buy the search firm.
Data Breach Today

In an unprecedented move, the U.S. intelligence community has blamed the Russian government for attempting to interfere in U.S. elections by hacking and leaking documents.
Data Breach Today

Two Republican U.S. Senate subcommittee chairmen are demanding answers from the Federal Trade Commission about the "due process afforded" LabMD in the agency's data security enforcement case against the now-shuttered cancer testing laboratory.
Data Breach Today

Dropbox has battened down its security hatches. There's good reason: The company was one of many this year that have faced nightmarish news that rumors of a password breach were, in fact, true. It's still unclear how Dropbox and companies including Yahoo, LinkedIn, MySpace and Twitter were hacked, or why the stolen data only circulated more widely several years after the intrusions.
Data Breach Today

Hacker attacks continue to account for the vast majority of health data breach victims this year, according to the latest federal tally.
Data Breach Today

NIST says that a new study from the National Institute of Standards and Technology (NIST) found that a majority of the typical computer users they interviewed experienced security fatigue that often leads users to risky computing behavior at work and in their personal lives.
Homeland Security News Wire

Egypt will soon announce a tender for a new security system for Cairo Airport employees involving retinal scans, in an attempt to meet Russian conditions to resume flights to Egypt, Egyptian Aviation officials have said.
Security Today

With the massive Yahoo! data breach grabbing the cybersecurity headlines of late, it might be easy to forget criminals are still busy pushing ransomware with two new varieties being recently introduced and a one older type being revamped. Kaspersky Labs and Bleeping Computer officially unveiled Trojan-Ransom.Win32.Xpan and Princess Locker, respectively.
SC Magazine

A coalition of privacy organizations are suing the United States and several U.S. allies for cooperating with the National Security Agency's (NSA) bulk data collection program, which they say violates the European Convention on Human Rights.
SC Magazine

Microsoft has announced it is to harden the Edge browser for enterprise users. The hardware-based sandboxing provided by Windows Defender Application Guard for Windows 10 Enterprise will serve to isolate Edge from malicious code.
SC Magazine

Areas of security focus within the seaport environment include cybersecurity, physical security and other miscellaneous security risks.
Security Magazine

Britain’s Ministry of Defence (MOD) launched an innovation initiative that will establish a new defense and security accelerator.
Security Magazine

While the U.S. continues to dominate – with more than 80 percent share of the global market in 2015 – a recent report by Zion Market Research forecasts Asia Pacific and Latin American regions to experience considerable future growth in demand for cybersecurity solutions.
Security Magazine

Rick Holland of Digital Shadows visits the Dark Reading News Desk at Black Hat to explain how the attackers' superior business agility, faster change management, specialized job force, lower barriers to entry and bulletproof hosting keeps them ahead of the good guys.
DarkReading

The record-breaking Yahoo breach wasn't perpetrated by nation-state attackers, as Yahoo has claimed, but rather by a group of "professional blackhats from Eastern Europe" who are also suspected of stealing and reselling customer data from LinkedIn, MySpace and Tumblr, according to a new report from the security firm InfoArmor
Data Breach Today

A new kind of malicious software for Apple Mac computers is believed to have been developed by the same Russia-linked hacking group that allegedly struck the Democratic National Committee and the World Anti-Doping Agency.
Data Breach Today

The latest ISMG Security Report leads off with a discussion with DataBreachToday Executive Editor Mathew J. Schwartz on why online cybercrime is growing.
Data Breach Today

Four years after James Holmes set off tear gas grenades and shot multiple firearms into the premiere of "The Dark Knight Rises" at an Aurora, Colorado, theater, a group of survivors must pay the theater $700,000.
WSB-TV News

Multiple security issues" were patched for a number of VMware products, according to a company security advisory.
SC Magazine

The game of 20 questions is a great way to separate vendors that meets your needs from those who will likely disappoint.
DarkReading

The National Institute of Standards and Technology has issued a draft of a cybersecurity self-assessment tool.
Security Magazine

Government Officials Optimistic About Benefits of Smart Cities
Security Magazine

The ongoing fight against ransomware attacks and the cyber criminals perpetuating this menace is more than a full-time job. In a cyber world without boundaries, ransomware has become a worldwide problem where no organization is immune to victimization.
Security Magazine

The proliferation of rumors during a crisis can hinder efforts by emergency personnel trying to establish facts.
Homeland Security News Wire

Security firm MedSec claimed on Aug. 25 that pacemakers and other health care products from St. Jude Medical contain flaws that leave them vulnerable to hacks. However, the firm is also cashing in on the disclosure by partnering with an investment firm that is betting against St. Jude Medical's stock.
Computerworld

The U.S. Cyber Command is looking for tools distinctly different from the ultra-stealth exploits used by the intelligence community.
fedscoop

Workplace shootings are occurring at an alarming rate, but many employers have yet to address these scenarios in their safety training programs
Lexology

Only 34 percent of IT Pros are “very confident” they could recover from a ransomware infection without losing critical data.
Security Magazine

This mobile surveillance system is purpose-built to assist public safety personnel in the coverage of urban events and incidents, especially those of a chaotic or changing nature, such as large sporting events or city-wide festivals.
Security Magazine

Hospitals and medical centers face a panoply of threats and challenges around data security, yet the healthcare field has not yet responded as quickly as others, according to chief information security officers (CISOs) and others close to such institutions.
Security Magazine

In the continually moving environment of a casino, adding covert surveillance tools proves an unobtrusive way to get unobstructed images.
Security Magazine

As inevitable as death and taxes, distributed denial of service (DDoS) attacks against the enterprise continue as strong as ever.
Dark Reading

What started out last week as a warning by Dropbox to its users that some login data may have been compromised has exploded into a massive data breach with an estimated 68 million Dropbox user credentials being exposed on the web, but industry insiders say the company has handled the problem quite well.
SC Magazine

Forty applications in the Google Play store contain a new family of malware, dubbed DressCode.
SC Magazine

An malvertising campaign with an unusually expansive reach was targeting potentially millions of users in the U.S., Europe, Asia Pacific and the Middle East, infecting victims with ransomware before researchers at Cisco's Talos division took steps to shut down the operation this past month.
SC Magazine

From 2002 through 2015, eighty Americans were killed in terrorist attacks. The fifty-seven killed in 2016 almost equals the total of the previous thirteen years.
Homeland Security News Wire

With the outsourcing of microchip design and fabrication a worldwide, $350 billion business, bad actors along the supply chain have many opportunities to install malicious circuitry in chips.
Homeland Security News Wire

Even though insider threat events are typically much more infrequent than external attacks, they usually pose a much higher severity of risk for organizations when they do happen
Dark Reading

Private-sector companies spent more than $75 billion on security software last year, but analysts say the increased spending has not made private-sector systems much safer.
Computerworld

On Aug. 22, privacy officials in Canada and Australia found that the Ashley Madison website used deceptive and confusing practices to make customers believe the service was secure.
CIO

Ron Ross, the top cybersecurity scientist at the U.S. National Institute of Standards and Technology, on Tuesday told the U.S. Commission on Enhancing National Cybersecurity the coming cybersecurity crisis can only be addressed by building "more trustworthy secure components and systems.
fedscoop

Cyberthieves are using malicious software programs to steal banking credentials from unsuspecting consumers when they log onto their bank accounts via their mobile phones, according to law-enforcement officials and cybersecurity specialists.
The Wall Street Journal

Several consumer groups have urged the FCC to grant a request to create cybersecurity and privacy rules for vehicle-to-vehicle communications because the messages will make vehicles vulnerable to cyberattacks.
Politico Pro

ighty-two percent of hospitals have expressed concern about their ability to protect mobile devices, patient data, and infrastructure from cyberattacks, according to a Spyglass Consulting Group survey released on Aug. 22.
TechRepublic

Energy Transfer Partners, the Texas-based company building the Dakota Access pipeline, calls the project a major step toward the United States’ weaning itself off foreign oil.
New York Times

Corporate boards are getting more involved in the cybersafeguards at their companies as data breaches continue to grab headlines. Boards sometimes view cyberthreats as an information technology department problem, and may feel that they are not knowledgeable enough to oversee cybersecurity efforts.
San Diego Union Tribune

Seventy-eight percent of small and mid-size businesses conduct security training only once a year, or less, even though human error and lack of internal security awareness are the biggest sources of data breaches and risk to organizations, according to Shred-It's 2016 Security Tracker survey.
info security

China on Tuesday launched the first-ever quantum-communications satellite into orbit, the end product of a five-year project that could position China at the forefront of a key area of hard-science research and expand the range of unbreakable communication.
The Wall Street Journal

Last year, private sector companies globally spent more than $75 billion on security software to safeguard their systems and data, a figure that is expected to grow about 7 percent annually, according to Gartner and other analyst firms.
Computerworld

After a company has been hacked and the hack has been discovered to be a harmful one, top executives and IT leaders normally huddle in a room to assess the loss. It's usually not a pretty scene.
Computerworld

A plan by the U.S. government to require some foreign travelers to provide their social media IDs on key travel documents is drawing outrage.
Computerworld

The prevalence of mass shootings has risen in relation to the mass media coverage of them and the proliferation of social media sites that tend to glorify the shooters and downplay the victims, a new study finds.
Homeland Security News Wire

The clandestine group's goal was clear: Obtain the building blocks of a radioactive "dirty bomb" — capable of poisoning a major city for a year or more — by openly purchasing the raw ingredients from authorized sellers inside the United States.
Homeland Security News Wire

Imagine you woke up to discover a massive cyberattack on your country. All government data has been destroyed, taking out healthcare records, birth certificates, social care records and so much more.
Homeland Security News Wire

In yet another sign that business is booming in the underworld of ransomware, Trend Micro has reported that the number of new ransomware families it observed in the first half of 2016 has already surpassed the total number observed in 2015 by 172 percent.
SC Magazine

A new version of Locky ransomware has been spotted now sporting an improved delivery mechanism, better obfuscation which combined make it more difficult for anti-malware scanners to spot.
SC Magazine

In today’s ever expanding IT ecosystem, how do you know whether your data is really secure? It’s a critical question.
Data Breach Security

Two hotel chains are warning that they've suffered point-of-sale malware infections that compromised customers' payment card data. Both say they were alerted to related card fraud by the U.S. Secret Service and that they're now assisting law enforcement agencies' investigations.
Data Breach Today

Hacker attacks recently added to the Department of Health and Human Services' Office for Civil Rights "wall of shame" tally of major health data breaches affected a total of more than 8 million victims.
Data Breach Today

It is with deep regret we announce that Bill Zalud, Editor Emeritus of Security magazine, passed away Monday, August 8, 2016. The entire Security magazine family greatly mourns his loss.
Security Magazine

Organizations around the world are at risk of sharing highly sensitive information through visual hacking in business office environments.
Security Magazine

Reducing credit and debit card fraud by implementing EMV chip card acceptance has become retailers’ top payment issue in 2016, but retailers are also busy with new data security enhancements such as point-to-point encryption and tokenization to better protect payment card data.
Secuity Magazine

People who commit mass shootings in America tend to share three traits: rampant depression, social isolation and pathological narcissism, according to a paper presented at the American Psychological Association’s annual convention that calls on the media to deny such shooters the fame they seek.
Security Magazine

Paxton has announced the integration of its networked access control system, Net2, with Intreba’s visitor management solution, Arke. The integration provides a personalized and user-friendly service to fulfill differing visitor requirements at various sites.
Security Today

IT projects are most effective when they take into account people, processes, and technology.
Help Net Security

Although access control solutions can save lives, when inappropriately deployed, they could prevent or delay evacuation, placing more people in harm’s way.
Campus Safety Magazine

The Brookhaven Police Department in Georgia is asking residents and businesses to provide the department with access to footage captured on their video surveillance cameras.
Campus Safety Magazine

Here's six ways to bolster your campus' security measures at little to no cost.
Campus Safety Magazine

A new variant of Locky ransomware using Windows Scripting Files (WSF) as a downloader, Trend Micro researchers observed.
SC Magazine

Iran's Supreme National Cyberspace Council is investigating whether a recent string of oil and petrochemical fires were caused by a cyberattack.
SC Magazine

If Zeus was the king of banking trojans, then newcomer Scylex is looking to claim Zeus' old perch atop the Mt. Olympus of financial malware.
SC Magazine

Cisco has released an update to patch a vulnerability in its IOS XR Software for Cisco ASR 9001 Aggregation Services Routers that could lead to a denial of service condition.
SC Magazine

With less than a week to go before the 2016 Rio Olympics begin, the Brazil Ministry of Justice terminated its contract with private security firm Artel, citing “incompetence and irresponsibility.”
Security Magazine

This solution is designed to allow organizations to address their specific governance, risk and compliance (GRC) needs and challenges, regardless of size or GRC maturity level.
Security Magazine

Embezzlement is not just a problem for large enterprises – businesses with fewer than 150 employees were 10 times more likely to be victimized by fraud than those with 250-500 employees, according to the 2016 Hiscox Embezzlement Study.
Security Magazine

Amid the federal investigation into the massive email leak from the Democratic National Convention, the White House issued guidance for the first time on how government agencies should respond to large-scale cyber incidents.
Homeland Security Today

The mass adoption of data encryption software, such as Secure Sockets Layer (SSL)-based programs, has left companies more vulnerable to data breaches as hackers learn to compromise larger systems.
Homeland Security Today

Black Hat attendees may have changed their titles and now carry business cards but hackers gotta hack and there's no better place to do it than Black Hat.
DarkReading

The game has changed again with hackers' ability to steal your data at record speeds and cripple your organization before the first alert.
DarkReading

The insurance industry is on the brink of transformation. The unprecedented amount of capital present (including alternative capital) and the rash of consolidations in brokerage firms and insurance enterprises (U.S. companies, international companies, Lloyd’s syndicates) are among the reasons.
Risk & Insurance

We all know that scanning random QR codes is a risky proposition, but a newly detailed social engineering attack vector dubbed QRLJacking adds another risk layer to their use.
Help Net Security

The head of an international criminal network behind thousands of online frauds has been arrested in a joint operation by INTERPOL and the Nigerian Economic and Financial Crime Commission (EFCC).
Help Net Security

Recent headlines are testament to the growing popularity of ransomware attacks on businesses and consumers alike.
Help Net Security

The White House is discussing proposals with U.S. allies that could allow foreign governments to serve search warrants requesting email and wiretap information to US companies.
Security Magazine

The former St. Louis Cardinals baseball executive who illegally hacked into the Houston Astros' computer systems in order to gather intelligence and obtain an unfair advantage was sentenced in Houston yesterday to 46 months in federal prison.
Security Magazine

The former St. Louis Cardinals baseball executive who illegally hacked into the Houston Astros' computer systems in order to gather intelligence and obtain an unfair advantage was sentenced in Houston yesterday to 46 months in federal prison.
Security Magazine

Nearly half of the entire Transportation Security Administration (TSA) workforce—a total of 26, 878 employees—were allegedly involved in misconduct between fiscal years (FY) 2013 and 2015, putting the security of the flying public at risk, according to a recent report by the Majority Staff of the House Committee on Homeland Security.
Homeland Security Today

The House of Representatives on Monday passed four homeland security bills to protect the United States against the wide array of ever-evolving threats facing the homeland today.
Homeland Security Today

ISMG Vice President and Editorial Director Tom Field and Arbor Network's Sam Curry - who spoke at the just-concluded ISMG Fraud and Breach Prevention Summit in Boston - discuss how organizations are rethinking their approach to evolving cyberthreats
Data Breach Today

The Federal Reserve's strategy for oversight of the U.S. migration toward faster payments won't change in the wake of the heists that exploited international SWIFT payments, says Marianne Crowe of the Fed in Boston.
Data Breach Today

Will the advent of faster payments in the U.S. open new doors for fraud? That's been a question on the minds of many fraud and security experts in the wake of recent attacks that compromised global transactions processed through the interbank messaging platform known as SWIFT.
Data Breach Today

Even when we work for an organization that has a highly functional ERM process, and senior leaders are actively engaged in the identification, management and mitigation of risks, can and/or should compliance and risk officers be leaders in helping them set their priorities?
Risk & Insurance

There are a lot of insidious players on the loose, burrowing their way into corporate networks. Some bang on the front door and demand a ransom for the data they kidnap.
SC Magazine

If the threat that ransomware poses to your corporate systems hasn't already been keeping you awake, the researchers at Symantec have added some more nightmare-fuel in the form of a new white paper.
SC Magazine

Victims of ransomware scams almost never need to pay full sticker price to get their encrypted data back.
Dark Reading

TSA Misconduct is Threatening Security of Flying Public
Security Magazine

Amnesty International has launched a new smartphone application to help document firearm use in Rio de Janeiro for the 2016 Olympic games.
http://www.securitymagazine.com/articles/87252-amnesty-international-unveils-security-app-for-rio-olympics

The TSA and American Airlines, through a joint initiative, will install new screening technology, including automated security screening lanes and CT scanners, at select American Airlines hubs nationwide this fall.
Security Magazine

A new class of cyber criminals is targeting companies’ private information.
Risk & Insurance

The threat of Zika continues to prompt calls for the cancellation of the 2016 Olympic Games.
Risk & Insurance

The American Law Institute (ALI) is formalizing governance law principles that will include legal strategies to signal stakeholders and enhance institutional reputations for governance, risk management and compliance.
Risk & Insurance

Fast-food chain Wendy's says a cyberattack that stole payment card details affected 1,025 U.S. restaurants owned by franchisees, a far higher figure than first estimated.
Data Breach Today

Datacenter administrators have something in common with attackers - privilege. Isolating security from the data being secured is the Goldilocks zone of security - isolation and context, together.
Data Breach Today

The company behind infidelity-focused online dating website Ashley Madison - tagline: "Life is short, have an affair" - has revealed that it's facing an investigation by the U.S. Federal Trade Commission, nearly one year after hackers dumped personal information on millions of its members
Data Breach Today

A majority of companies are unable to prevent employees from sharing confidential documents, according to a Fasoo study.
CSO Online

Updated emergency communications systems designed to meet hospitals’ unique needs are crucial to maintain real-time communication during emergency situations.
Campus Safety Magazine

The internet is not equipped to provide the necessary security to counter cybercrime, according to internet security expert Sir David Omand in response to the Bangladesh bank heist.
CNBC

Despite renewed efforts to attract new cybersecurity talent, U.S. Cyber Command is grappling with stiff competition from private firms in recruiting and retaining a skilled workforce.
CIO

FBI Director James Comey disclosed new details Monday concerning the background of Omar Mateen, the gunman authorities say killed 49 people at Pulse nightclub in Orlando.
Wall Street Journal

Chief information security officers could lose their jobs if boards think their CISOs are poorly communicating security concerns, according to 59 percent of board members surveyed by Bay Dynamics.
CSO Online

Area 1 Security, a startup founded by former NSA analyst Oren Falkowitz, is trying to tap into private servers to monitor the activities of hackers.
New York Times

An underground online forum known as xDedic is selling access to more than 70,000 compromised servers, enabling buyers to carry out widespread cyberattacks around the world, according to Kaspersky Lab researchers.
Reuters

FICO, the company known for consumer credit rating services, will launch a new product that rates the security of corporations.
Pymnts.com

There has been little improvement in cybersecurity preparedness in the last three years, according to research from NTT Com Security's 2016 Global Threat Intelligence Report.
SC Magazine

Emirates Airline President Tim Clark said on June 2 that the recent attacks on commercial aviation prove that the security structures currently in place to protect passengers are insufficient.
Wall Street Journal

While there are no specific or credible threats to any of the campuses in the Orlando area, campus safety officials felt it necessary to beef up police presence on campuses and assure students that support services are available.
Security Today

In a massive recent theft of Twitter usernames and passwords involving nearly 33 million customers, “123456” was by far the most commonly used password, according to security company LeakedSource.
Security Today

For its next move since jettisoning storage firm Veritas and becoming a pure-play security vendor, Symantec will now buy network and cloud security firm Blue Coat from private-equity owners Bain Capital, obtaining a replacement CEO in the process.
Data Breach Today

Researchers have watched a botnet composed mostly of compromised computers in the Ukraine and Russia become a growing hive of criminal fraud activity, playing a role in everything from ransomware and click fraud to spam bots and supporting stolen payment card marketplaces.
Data Breach Today

The $1 million penalty that the Securities and Exchange Commission imposed on Morgan Stanley for its failure to prevent a now former employee from compromising some 730,000 client accounts is too low to send a strong message to financial services firms about the need for stronger cybersecurity and internal fraud controls, security experts say.
Data Breach Today

The Retail Industry Leaders Association is battling against passage of a national data security and breach notification bill known as the Data Security Act of 2015, or H.R. 2205, arguing it would unreasonably require retailers to meet some of the same security standards as banks, says Austen Jensen, the group's vice president of government affairs.
Data Breach Today

In this edition of the ISMG Security Report, DataBreachToday Executive Editor Mathew Schwartz reports from the floor of the Infosecurity Europe conference in London on the top concerns of security practitioners, including ransomware.
Data Breach Today

The credit card breach at Wendy’s is likely to be way beyond the officially reported figure of “fewer than 300,” says KrebsOnSecurity, citing fraud and banking community sources.
Dark Reading

The National Institute of Standards and Technology (NIST) is developing a minor update of its Cybersecurity Framework based on feedback from its users. In the just-released Cybersecurity Framework Feedback: What We Heard and Next Steps, NIST is announcing that a draft of the update will be published for comment in early 2017.
Homeland Security News Wire

Researchers took to the New York City subway system 9-13 May to study how a surrogate for a biological agent, such as anthrax, might disperse throughout the nation’s largest rapid transit system as a result of a terrorist attack or an accidental release.
Homeland Security News Wire

Twenty-seven percent of third-party cloud apps are classified as high risk, says a new report.
Security Magazine

Port computer systems are vulnerable to criminal organizations looking to steal, smuggle or commit espionage.
Risk & Insurance

Let’s Encrypt, the non-profit Certificate Authority (CA) that helps website administrators switch from HTTP to HTTPS quickly and effortlessly, has accidentally leaked 7,618 email addresses of its users.
Help Net Security

Violent crimes within hospitals dropped by 68 percent in 2015, according to a report by the International Association for Healthcare Security and Safety Foundation.
Campus Safety Magazine

In a recent interview with the Wall Street Journal, J.P. Morgan CIO Dana Deasy discussed the bank's security plan to ensure that its $9.4 billion technology budget remains safe.
Wall Street Journal Online

Close to half of security personnel “simply trust” their cloud providers' security tools without further verification, according to a survey of 100 IT decision makers and security experts by Enterprise Management Associates (EMA).
Fierce IT Security

A study by Kaspersky Lab found that 43 percent of consumers in the United States and Canada do not know what ransomware is.
BetaNews

Security researchers believe the recent increase in digital breaches on Asian banks is tied to North Korea. If confirmed, it would be the first known cause of a nation using digital tactics for financial gain.
New York Times

Billions of taxpayer dollars are lost due to waste, fraud, and abuse, according to the Deloitte Public Sector Research report, which offers preventative and corrective strategies for the problem.
Government Technology

Ransomware has been a growing problem in 2016, with more than 800 reports as of April, according to the Internet Crime Complaint Center (IC3).
Federal Times

There was a nine percent increase in homicides across dozens of U.S. cities over the first three months of 2016, compared with the same period last year, according to a new report from the Major Cities Chiefs Association.
Security Magazine

Cyber security is the biggest risk facing the financial system, SEC Chair Mary Jo White said on Tuesday.
Reuters

In the wake of various criminal activities in airports, such as gun smuggling, drug smuggling, and terrorism, the government is conducting a "vulnerability assessment" of U.S. airports, to be completed by the end of April.
Richmond Times

Cybercrime may be more common than ever, but its business model is vulnerable on many fronts, according to a new Hewlett Packard Enterprise report.
CSO Online

House lawmakers this week will vote on helping recruit and train more cyber workers and defend small businesses against cyberattacks.
Politico Pro

While many companies are offering larger salaries and better benefits, others are trying fractional IT security positions and more intelligent systems as a remedy to the shortage of security professionals.
eWeek

A Bloomberg News review of a terrorism database shows that public transit has become the main target for bombings, shootings, and other attacks in the West.
Bloomberg

Employees are developing a new, alternative income market, and it poses a direct security threat to employers.
National Law Review

More than 90 percent of corporate executives said they cannot read a cybersecurity report and are not prepared to handle a major attack, according to a new survey.
CNBC

Cybercriminals using "ransomware" are shifting their sights from individual targets to bigger ones, Intel Security Group's Steve Grobman said Monday.
CNBC

Major forms of communication should not be beyond the reach of the law, Walter Isaacson said one day after the Justice Department said it had broken into an iPhone used by one of the San Bernardino shooters.
CNBC

Apple is gaining ground in winning the hearts and minds of the American public in the battle with the federal government over encryption.
CNBC

A new report from the National Center for Education Statistics (NCES) found crime in U.S. schools and college campuses has declined over the past two decades, but also revealed certain disturbing trends.
Security Magazine

A recent survey from Kaspersky Lab found that 29 percent of all businesses had reported accidental disclosures by insiders as their biggest source of data loss
Security Magazine

Cyber attacks in the legal industry are starting to look less like case-specific spectacles perpetrated by nation-states and activist cabals, and more like a daily assault by burglars and common criminals.
Legaltech News

The U.S. financial services and retail sectors had more data breaches in 2015 than any other business sectors worldwide, according to Verizon's 2016 Data Breach Investigations report.
Bank Info Security

Financial sector suffered the most breaches last year, followed by the accommodation/hotel sector.
Dark Reading

A ransomware attack continues to impact the administrative services of the public utility serving Lansing, Mich. The Lansing Board of Water & Light (BWL), which shut down its administrative computers to prevent the spread of the malware, is still cleaning up its administrative systems and working to restore corporate email and other systems.
eWeek

A new survey from the Ponemon Institute has found that third party risks are increasing in organizations across the country.
Security Magazine

The two biggest security threats facing company networks could be laptops and the software that runs on them.
WindowsITPro

Absolute, a security and data risk management solution provider, has developed Endpoint Data Discovery (EDD), a system that enables organizations to locate and protect specific sensitive data on endpoint devices even when they are outside the enterprise network.
GCN Magazine

A cyberwar with the Islamic State could involve tools and tactics that corporate security professions must fight every day.
CIO

The term "insider threats" often refers to individuals who use their knowledge of or access to an organization and its systems to perpetrate fraud, sabotage, theft, or a violent act.
Wall Street Journal

How can companies balance the requirements of convenience and security? By making security everyone's business.
ZDNet

A hacker handed over millions of stolen credentials for Google, Microsoft and Yahoo email accounts, as well as thousands for banking, manufacturing and retail, in exchange for researchers liking and voting up his social media page.
Computerworld

A comprehensive evaluation of safety and security protocols has been ordered at the University of Texas' flagship campus after the first murder in 50 years took place, President Gregory Fenves has announced.
Security InfoWatch

Rather than waiting for the inevitable data breach to happen, many organizations say they have begun more actively seeking bad actors and malicious activity on their networks.
DarkReading

Only 8 percent of federal employees feel very confident in their agency's ability to protect information systems from cyberattacks, according to a new survey from Dell Security and the Government Business Council
GCN Magazine

Preventing cyberattacks is a difficult task for many companies, according to the Vistage CEO confidence index. It found that in the first quarter of 2016, 41 percent of small and mid-sized businesses said they were not prepared for a cyberattack.
Legaltech News

The U.S. is for the first time directing the military's Cyber Command to mount computer-network attacks, now being used alongside more traditional weapons, in a new line of combat again the Islamic State.
New York Times

Recently, a drone collided with a British Airways flight landing at London's Heathrow Airport.
Fox News

Compromised credentials are the cause of almost 25 percent of all data breaches, while account hijacking and malicious insiders also rate as top threats, according to the Cloud Security Alliance (CSA).
Help New Security

Epic Systems Alleged Consultancy Inappropriately Downloaded Documents
Healthcare Info Security

In a new study, 81 percent of IT professionals reported being confident in their ability to protect sensitive customer data.
Security Magazine

A growing number of organizations are adding a new member to the C-suite—the chief risk officer (CRO)—and the rise of these executives is having a direct impact on the security programs at enterprises.
CSO Online

Security agencies around the world are taking cues from Israel regarding airport security strategies.
USA Today

Cisco Talos Labs researchers recently released a report describing ransomware that can encrypt and lock 800 servers, 3,200 workstations, and the vast majority of an organization's data in one hour.
DarkReading

DOJ and SEC statements driving CCO concerns over changes in compliance regulations and scrutiny
Security Magazine

The market for fake goods is on the rise, with international trade in counterfeited or pirated products valued almost a half a trillion dollars.
Security Magazine

Latin America holds the undesirable distinction of having the most cities on the Mexico Citizens Council for Public Security's annual ranking of the world's most violent cities.
Business Insider

Federal court records reveal that a former manager with Florida Power & Light (FPL) traded nuclear information for cash to help one of China's nuclear power companies.
Miami Herald

The average company's network is accessed by 89 different vendors per week, according to a recent report by Bomgar.
CSO Online

In September 2015, U.S. President Barack Obama and Chinese President Xi Jinping announced that had reached a deal to end state-supported hacking of corporate records for economic benefit.
The Wall Street Journal

A former IT engineer for a Dallas law firm was sentenced to 115 months in prison and ordered to pay $1.697 million in restitution for a destructive computer attack he committed against his former employer in 2011.
DarkReading

The manufacturing sector is now one of the most frequently hacked industries, second only to healthcare, a new report says.
DarkReading

FBI warns US companies about rising email scams that have cost businesses up to $2.3 billion since 2013
DarkReading

Captives can cover risks excluded from conventional terrorism policies and cover the potential gap under the Terrorism Risk Insurance Act.
Risk&Insurance

Mass shootings in public places have overtaken bombings as the major terrorism threat, with IS-linked attacks striking within Western countries, according to Aon.
Reactions

This is the second time this year Toyota has been affected by a global supply chain disruption.
Fortune

Making a security plan for events, practicing it and changing it according to new technology is the only way to ensure execution.
Campus Safety Magazine

The Senate on Tuesday overwhelmingly approved legislation that would boost domestic travel security in the wake of the Brussels attacks and authorize the programs of the Federal Aviation Administration through September 2017.
Reuters

Hackers have stolen sensitive information from American energy companies -- and have planted malware in the energy grid with the intent to turn off the lights in the future.
CNN Money

A former pharmaceutical district manager faces sentencing in July after pleading guilty to criminal HIPAA violations for his part in a complex fraud scheme involving drug maker Warner Chilcott.
Bank Info Security

The Identity Theft Resource Center (ITRC) has seen a 397 percent increase in data exposure incidents across financial services, business, education, government, and healthcare sectors since it began monitoring and tallying U.S. security breaches in 2005.
Help Net Security

Pentagon doesn't have its ducks in a row when it comes to protecting US infrastructure, says GAO
Fierce GovernmentIT

t was a scary scenario: Chinese national Cheng Le, living in New York City, attempted to order ricin through the so-called dark Web.
Homeland Security News Wire

A wealthy New Orleans real estate developer has created “Uber for cops,” an app that allows anyone with a smartphone to report nonviolent criminals, drug dealers, homeless people and others they feel may be “suspicious.”
ThinkProgress

The rise of ransomware over the past year is an ever growing problem.
Homeland Security News Wire

A recent federal court ruling against a bold motion by health plan Anthem Inc., which is fighting a consolidated class-action lawsuit in the wake of its massive data breach, spotlights some of the very complex questions that are at the center of many data breach cases.
Healthcare Info Security

A survey of a major oil and natural gas-producing region in Western Canada suggests a link between hydraulic fracturing or “fracking” and induced earthquakes in the region.
Homeland Security News Wire

For the first time, new USGS maps identify potential ground-shaking hazards from both human-induced and natural earthquakes.
Homeland Security News Wire

Many security experts urge organizations to prepare defenses against ransomware infections, as well as backup recovery strategies, so they don't have to answer that question (see Ransomware Epidemic Prompts FBI Guidance).
Bank Inf Security

The FBI and DHS are warning infrastructure operators about the potential cyberattacks on the U.S. power grid.
Homeland Security News Wire

For more than 100 years, the United States electrical grid operated on a one-way delivery model: power generation, transmission, and distribution in response to user demand.
Homeland Security News Wire

ISIS has used mustard gas against Bashar al-Assad’s forces in battles at a key airport in eastern Syria.
Homeland Security News Wire

While some workplace disasters can be avoided – such as oversleeping for a meeting or missing a major deadline – others are beyond anyone's control.
PR Newswire

Terrorists are capable of launching a catastrophic cyberattack on the U.S., and could do so within the upcoming year, according to 63 percent of respondents to a recent Thycotic survey.
info security

The North American Electric Reliability Corp. (NERC) said that physical attacks on electric substations are potentially more damaging than a cyberattack.
The Wall Street Journal

Dr. Anne Schuchat from the Centre for Disease Control and Prevention (CDC) said the Zika virus is more of a threat than previously thought.
Homeland Security Newswire

The rise of ransomware over the past year is an ever growing problem.
Homeland Security News Wire

More than thirty organizations sent a letter to the Director of National Intelligence and the Director of the National Security Agency, urging them to halt reported changes to the rules governing when and how the NSA can share the data it collects through overseas surveillance.
Homeland Security News Wire

Business interruption due to a breach is top cyber risk concern, according to Aon’s 2016 Captive Cyber Survey Report.
Security Magazine

A new study has found that not one of the top 10 U.S. computer science programs (as ranked by the U.S. News & World Report in 2015) requires a single cybersecurity course for graduation.
Security Magazine

The FBI and DHS are warning infrastructure operators about the potential cyberattacks on the U.S. power grid. The FBI and DHS have launched a nationwide campaign to alert power companies and security firms, a campaign which includes briefings and online Webinars.
Homeland Security News Wire

Relax. After reports surfaced last month that dozens of private airline employees may have had terror ties, Homeland Security Secretary Jeh Johnson this week set the record straight: “It’s not that they’re suspected terrorists.
Frontpage

The U.S. Senate vote to buttress security at the nation's airports comes as the Twin Cities airport is still reeling from long waits in March for screening.
StarTribune

Federal, state and local government users of the Homeland Security Information Network now have a simpler way to verify their identities for secure information sharing.
GCN Magazine

Look for a sharp uptick in the quantity and quality of ransomware this year as more organized cybercrime groups employ ransomware, thanks to the huge success other criminals have had monetizing these attacks, security experts say.
DarkReading

Workplace violence is an issue that is beginning to get more attention, but remains underreported and misunderstood.
Security Magazine

Security pros consider the NIST framework an industry best practice, yet half of its adopters say its complete implementation involves a high level of investment.
DarkReading

There's no better lesson in the mechanics of a free market than watching a black market at work.
DarkReading

Two terrorist bombings inside Brussels' airport terminal Tuesday is prompting talk of moving security checkpoints outside such buildings in the United States.
Security InfoWatch

Two more Southern California hospitals have been attacked by hackers who infiltrated their computer systems with ransomware and demanded payment to unlock the data, officials said.
Security InfoWatch

According to the results of a recent survey sponsored by IT services provider Datalink and conducted by IDG Research Services, 70 percent of companies now rank data security as their top priority when it comes to investing their IT dollars.
Security InfoWatch

Verizon Enterprise Solutions, which regularly assists clients in responding to data breaches, admits it's suffered its own breach, reportedly affecting 1.5 million business customers.
Data Breach Today

The Justice Department has unsealed indictments against seven Iranians - allegedly working on behalf of the Iranian government, including the Iranian Revolutionary Guard Corps, a branch of Iran's armed forces - who are suspected of conducting distributed denial-of-service attacks against dozens of American banks as well as attempting to seize control of Bowman Dam outside New York City.
Data Breach Today

Ransomware attacks against hospitals are becoming commonplace this year, with at least five incidents revealed in recent weeks.
Data Breach Today

Despite the recent move to put the FBI-obtained court order against Apple on hold, the crypto debate is far from over.
Data Breach Today

The explosions that rocked a publicly accessible part of Brussels’ main airport Tuesday reignited an aviation-industry debate over whether airports can be better secured, and at what cost to travel.
Wall Street Journal

Government testing a way to unlock the phone of San Bernardino gunman Syed Rizwan Farook without Apple’s help
Wall Street Journal

Cyberattacks on the country’s largest banks, from JPMorgan Chase & Co. to Bank of America Corp., grab the headlines.
Boston Globe

Workplace violence is an issue that is beginning to get more attention, but remains underreported and misunderstood.
Security Magazine

The Cubs will open Wrigley Field to fans two and a half hours before game time for the home opener on April 11 because of new security measures.
Security Today

The world can talk about nothing other than the security of our transit systems since the attacks on a Belgian airport and metro station, but through the transit chatter comes a new vulnerability that has security experts worried: nuclear plants.
Security Today

Hackers continue to take advantage of the weak security systems hospitals have in place. This time, it was Methodist Hospital in Kentucky.
Security Today

Cambridge Savings Bank, a $3.2 billion community institution in Massachusetts, is incorporating biometrics into its online and mobile banking platforms as a way to limit, and in some cases remove, the need for username and password authentication.
Bank Info Security

A watchdog agency's audit of the Department of Veterans Affairs makes nearly three dozen recommendations for how the VA should address "material weakness" in its information security program, ranging from issues concerning identity and access management to incident response.
Bank Info Security

Risks posed by third parties are an ongoing problem for U.S. merchants because some point-of-sale vendors are overlooking basic security measures.
Bank Info Security

Tom Donilon, Sam Palmisano Tapped to Lead Commission on Enhancing National Cybersecurity
Bank Info Security

Groups of violent extremists attempt to recruit teenagers and young adults who show signs of vulnerability, according to an interactive FBI website shared by the University of Texas Police Department on Facebook.
The Daily Texan

You would think that police have enough to worry about, but in Miami they now frightened by the idea that their personal information is now searchable online.
Security Today

Transportation Security Administration (TSA) is trying to keep up. The problem only gets worse in the month of March, the month of Spring Break.
Security Today

The United States Golf Association and Homeland Security officials would like to prohibit the use of drones in and around the Oakmont Country Club in Plum, a suburb of Pittsburgh, Penn. in an effort to prevent possible terrorist attacks and vandalism during the U.S. Open.
Security Today

In a filing rebutting Apple's appeal of a court order requiring the company to help the FBI unlock the iPhone used by a shooter in the San Bernardino massacre, the Justice Department says Apple's rhetoric is "false" and "corrosive" to the institution that safeguards Americans' liberty and rights.
Data Breach Today

The U.S. Justice Department's appeal of a court order that the government can't compel Apple to unlock an iPhone used by an accused drug dealer is significant because it sets in motion a process that could lead to a Supreme Court ruling on whether mobile device makers must give law enforcement a backdoor to circumvent encryption.
Data Breach Today

Virginia Gov. Terry McAuliffe has a message for state leaders across the nation: Cybersecurity has to be a top item on their policy platforms. And, by the way, he very much intends to make Virginia the cyber capital of the United States.
Data Breach Today

Smaller integration firms are quickly filling the gaps left by national integration giants, often with custom-tailored and flexible security systems. Which one is right for your enterprise?
Security Magazine

Rutgers University researchers have performed the first study of free-form gesture passwords for smartphones in the field.
Security Magazine

Home Depot agreed to pay at least $19.5 million to compensate U.S. consumers harmed by a 2014 data breach affecting more than 50 million cardholders.
Security Magazine

A new report highlights the issues facing supply chain executives. The report, from APICS and Michigan State University, investigates the current business practices of more than 50 supply chain organizations and identifies critical issues.
Security Magazine

Cybersecurity is now front and center on organizations’ boardroom agendas, but most CISOs have yet to earn a seat at the table.
Security Magazine

Establishing your enterprise as a trusted source of information during an emergency now demands the savvy use of social media.
Security Magazine

As new-model vehicles increasingly come equipped with third-party applications and Internet connectivity, the majority of consumers say the car manufacturers are liable for the safety and security of their cars.
DarkReading

The researchers who recently disclosed the OpenSSL vulnerability could have waited for the update to be available first.
InfoWorld

U.S. Special Forces operating in Iraq captured the head ISIS chemical weapons unit.
Homeland Security News Wire

A federal magistrate-judge in New York City has ruled that the U.S. government can't force Apple to hack an iPhone to investigate a drug dealer.
CNNMoney

In essence, physical security is now converging with IT security. With today’s technology evolving at blinding speed, this blurring of the boundaries was inevitable.
Security Today

Honeywell announced that it has acquired privately held RSI Video Technologies (RSI), a leading global provider of intrusion detection systems for commercial and residential security applications under the brand Videofied®, for approximately $123 million.
Security Today

The organizers of Euro 2016, the European men’s football championship, have increased the budget for the tournament by 15 percent in the aftermath of the Paris terrorist attacks.
Security Today

Smaller integration firms are quickly filling the gaps left by national integration giants, often with custom-tailored and flexible security systems. Which one is right for your enterprise?
Security Magazine

Fifty-four percent of respondents in The Global Study on the State of Payment Data Security, conducted by the Ponemon Institute on behalf of Gemalto, have had a security or data breach involving payment data an average of four times in the past two years.
Security Magazine

WASHINGTON (Reuters) - The U.S. Defense Department plans to hire private contractors to develop a $600-million-plus computer system for a new background check agency being set up after a security breach last year exposed the personal data of nearly 22 million people, a top official told Reuters.
Yahoo Finance

Cyber attacks can come from anywhere. It could be a nation state trying to unlock your recent break-through in advanced manufacturing techniques or perhaps a competitor trying to discover your sales prospect list.
SC Magazine

Researchers at Carnegie Mellon University (CMU) were behind an attack on Tor that was used to identify cyber-criminals, according to claims by the Tor project backed up a court filing.
Sc Magazine

Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is a free security tool that provides Windows and applications with an extra layer of security. It should make it difficult for hackers to attack both known and unknown vulnerabilities in the operating system, installed programs or plug-ins.
SC Magazine

While hacker attacks increasingly pose threats to the electronic patient data held by healthcare sector organizations, yet another healthcare provider has reported a major breach involving the improper disposal of paper and film records.
Data Breach Today

Seeing Is Believing: Visualizing Best Ways to Share Threat Info
Data Breach Today

The high demand for data scientists has many IT pros contemplating a lucrative career shift.
InfoWorld

A tour of managed security services provider Alert Logic reveals how proactive monitoring detects breaches and accelerates incident response.
InfoWorld

A survey of API developers claims security, customer satisfaction, and speed of deployment are among the biggest challenges.
InfoWorld

Situational awareness solutions and Actionable Intelligence®are two pieces of the overall security picture. Collecting the data is simply not good enough in today’s environment.
Security Magazine

How organized crime rings are amassing bot armies for password-cracking attacks on personal accounts in retail, financial, gaming, and other consumer-facing services.
Dark Reading

IT organizations are getting better at identifying data breaches more quickly and breach statistics are seeing ever-so-slight improvements, according to two new reports out this week.
Dark Reading

Police use of force is a topic of considerable concern today. The Police Foundation adds to the discussion by releasing an infographic intended to educate the public by visually describing the complex considerations that determine when police use of force is lawful, even when it may appear otherwise.
prweb

The White House says it's working to increase the security of the federal government's computer and data systems after high-profile hacks at various agencies, including a recent breach at the Justice Department.
CNN

Caracas in Venezuela is the most violent city in the world, according to an annual report by the Mexico Citizens Council for Public Security.
i100

Bipartisan legislation before Congress, if enacted, could put pressure on publicly traded companies to add individuals with cybersecurity expertise to their boards of directors.
Gov Info Security

oin Brad Zehring from Centrify as he explores use cases for the modern enterprise and demonstrates how privileged identity management as a service delivers: Secure access for remote employees; Controlled access for outsourced IT (without managing more identities);Centralized management of privileged identities across cloud, mobile and datacenter
Bank Info Security

Recent breaches showcase a growing need for cyber-risk oversight in the boardroom
National Association of Corporate Directors

A rapid7 report released Wednesday revealed most security organizations receive more alerts than they can handle, and that organizations are concerned about spotting stolen credentials.
CSO Online

The Obama administration has issued hundreds of notifications to law enforcement agencies, telling them to give back various federal surplus military equipment by April 1.
New York Times

The Anonymous hactivist group has launched the "OpFlint" campaign, promising online attacks directed toward Michigan Gov. Rick Snyder's administration in response to the Flint water emergency.
Government Technology

The dark net has continued to make headlines over the last decade as a mysterious part of the internet where criminals lurk and engage in illegal activities, all from the privacy of home computers.
ABC News

Social engineering continues to be instrumental for successful intrusions of information technology systems, especially as the Internet continues to provide more entry points, according to a Dec. 16 advisory from the U.S. Department of Homeland Security's National Cybersecurity and Communications Integration Center (NCICC). In addition, successful intrusions only provide more incentives for follow-up social engineering projects.
FierceGovernmentIT

Federal judges this year are expected to rule in four cases that could determine what behavior should be prosecuted under the Computer Fraud and Abuse Act and what penalties those convicted of violations should face.
Politico Pro

A cybercriminal has developed a ransomware program based on proof-of-concept code released online, but made a mistake on the implementation, causing victims' files to be completely unrecoverable, according to Trend Micro researchers.
NetworkWorld

Nearly 60 percent of Americans, if they buy a new handgun, are willing to purchase a smart or childproof gun — a weapon that is only operable in the hands of an authorized user — new Johns Hopkins Bloomberg School of Public Health-led research suggests.
Homeland Security News Wire

The San Bernardino massacre is unique in several respects, but it does bring into focus an important issue with broad relevance: how do dangerous people obtain guns, and what should the police and courts be doing to make those transactions more difficult?
Homeland Security News Wire

Murders rose 6.2 percent in the first half of 2015, according to new data from the FBI. Violent crime increased 1.7 percent and property crimes decreased 4.2 percent.
Wall Street Journal

Information security incidents involving federal agencies rose from 5,503 in fiscal 2006 to 67,168 in fiscal 2014, according to the Government Accountability Office.
Federal Computer Week

In 2016, a more diverse group of criminals will display a greater variety of motives and desired destructive outcomes as they attack traditional targets, such as financial services, retail, and government agencies, as well as non-traditional ones, including power plants, consumer sites, and applications.
ITProPortal.com

Five people, including two research scientists, were indicted by federal prosecutors in Philadelphia on charges of stealing trade secrets about drugs to treat cancer and other diseases from British drug giant GlaxoSmithKline.
New York Times

Affinity Gaming is suing Trustwave, the cybersecurity firm it hired, in a lawsuit that appears to be the first of its kind.
The Hill

The Department of Energy announced it will award $23 million for electricity grid cybersecurity research and development.
Politico Pro

The process of breaching Internet of Things (IoT) devices is sometimes uncomfortably easy for experts.
Inverse

Millennials account for one-third of the US workforce, and with that comes alarmingly poor security habits.
Government Health

Threat assessment teams are in place at most universities to investigate concerning behavior or potentially dangerous situations.
Security Today

Every year, the U.S. Federal Emergency Management Agency asks states to rank how prepared they are for various sorts of disasters.
MarketWatch

Thousands are being trained to offer timely help to those at risk, including teenagers, corporate lawyers and firefighters
The Guardian

Training in how to approach such people can improve the odds that everyone will walk away safe. - See more at: http://www.vindy.com/news/2016/jan/23/warren-police-receive-crisis-interventio/#sthash.yrIyGQE7.dpuf
Vindy.com

Cyber insurance covers more than the cost of breaches of data privacy; it can play a role in protecting against the cost of a cyberattack that disrupts business operations, explains insurance specialist Tim Burke.
Bank Info Security

K-12 respondents of Campus Safety magazine's 2015 Salary Survey echo many of the pay, department staffing levels, and weapons status trends revealed by college and hospital protection professionals. Schools and school districts are paying their novice sworn and nonsworn officers more than they did in 2011, when Campus Safety conducted its previous salary survey.
Campus Safety Magazine

The union representing aviation police officers at Chicago's two airports is requesting permission for officers to carry guns. Matt Brandon, secretary-treasurer of Local 73 of the Service Employees International Union, sent a letter to Mayor Rahm Emanuel asking that permission be granted because aviation police officers (APOs) are an "integral part of the security of these airports."
CNN

Despite patches and fixes, recent events have shown that there can still be bugs in the system once they have been released into the world.
Wall Street Journal

Cyberattacks on the nation's critical manufacturing sector nearly doubled in the year ending Sept. 30, 2015, according to the Department of Homeland Security's Industrial Control Systems Cybersecurity Emergency Response Team, or ICS-CERT.
The Washington Times

German car maker Mercedes-Benz has unveiled the world’s first mass-produced vehicle that can automatically speed up and change lanes to overtake a car after the driver presses a button — and can be driven with hands off the steering wheel for roughly a minute, even on roads without lane markings.
Weekly Times

Even if law enforcement isn't calling it stalking, officers are responding to many stalking-related incidents.
Police Chief Magazine

Cybersecurity strategies must align with business objectives, but that's difficult because most boards of directors don't understand security, says Lance Hayden, managing director at the consultancy Berkeley Research Group.
Bank Info Security

Most experts agree that the majority of CEOs and other executives have basic cyber awareness, but are limited in their knowledge of cybersecurity and imminent threats
Wall Street Journal

A data breach is a public relations and financial disaster. Companies often spot the intrusion too late, and respond inadequately, resulting in falling sales and journalist outrage.
CSO Online

Patrick Ky, Europe's top air safety official, said he is hiring a group of high-level computer experts to combat looming cyber threats to aviation.
Wall Street Journal

This past year saw several major hacking incidents that illustrated the never-ending arms race between hackers and security professionals.
InfoWorld

The National Security Council is preparing "Blue Skies," a far-reaching cybersecurity effort that calls for creating an elite cybersecurity squad to assist federal agencies in emergencies, augmenting the government's ranks of security specialists, and replacing obsolete systems.
Politico Pro

While the benefits of externally hosted collaboration technologies are generally acknowledged, there are a number of risks and security threats that are usually neither well-understood nor formally accepted.
Government Computer News

Colleges and universities encounter distinct challenges when faced with the task of standardizing security protocol, procedures, and technologies.
Security Today

New data from Cisco Systems Inc. suggests that employees route around corporate networks to a startling extent, posing risks for security and data governance.
Wall Street Journal

Delivery vans that transport prescription painkillers from warehouses to pharmacies and hospitals are the targets of an escalating number of thefts across the country, STAT has learned.
STAT

What's it take to be a successful CISO? Mark Dill, former longtime information security director at the Cleveland Clinic, says it comes down to being patient, persistent and perceived as practical.
Career Info Security

Metrics can be very useful, but only if they track the things that matter.
DarkReading

Turns out free and publicly available information can be used to determine the most critical electric substations in the US, which if attacked, could result in a nationwide blackout.
DarkReading

ISIS is a sophisticated terrorist organization, as its savvy use of social media shows.
Homeland Security News Wire

Security experts in the United Kingdom have expressed concerns about whether the United Kingdom has sufficient resources to respond to acts of terrorism outside of London.
Homeland Security News Wire

2015 was a record year for information and cyber security. Dozens of new vulnerabilities were uncovered, and government organizations, businesses and individuals continued to find themselves victim to high-profile data breaches.
Security Today

Nearly a quarter of companies (24.6%) say they would be willing to pay hackers a ransom to prevent a cyberattack, a new survey finds.
Security Magazine

Ignorance isn't bliss when mulling IT security employment numbers. Reliable data specifying the number of people employed in the United States in the cybersecurity field is hard to find.
Data Breach Today

Hackers have reportedly gained access to the accounts of dozens of Fitbit wearable fitness device users.
Data Breach Today

Qualys researchers have discovered two vulnerabilities in the popular OpenSSH implementation of the secure shell protocol, one of which (CVE-2016-0777) could be exploited by attackers to extract users' private cryptographic keys.
Help Net Security

In late December, the Hyatt Hotels Corporation announced that they found malware on computers that operate the payment processing systems for Hyatt-managed locations, but offered no details about how long the compromise went on and which hotels have been affected.
Help Net Security

Crackas With Attitude (CWA), a group of hackers with a pro-Palestinian agenda, have hit another high-rank US intelligence chief.
Help Net Security

90% of organizations are worried about compromised credentials, though 60% say they cannot catch these types of attacks today, according to a new survey by Rapid7. 62% of organizations are receiving more alerts than they can feasibly investigate.
Help Net Security

Chipotle is shutting down all of its stores nationwide for a few hours next month to hold a national staff meeting about food safety.
CNNMoney

According to a recent report based on in-depth interviews with 28 corporate security officials, 93 percent of respondents said human behavior presents the biggest threat to their organizations' security, up from 88 percent in a similar survey in 2014.
eSecurity Planet

Eighty-six percent of respondents in the Margolis Healy Campus Safety Survey 2015indicated that their university has developed an emergency operations plan that addresses threats specific to their institution. However, only 54.7 percent said their university had conducted a comprehensive hazard and vulnerability assessment, which is often instrumental in developing an effective all-hazards emergency operations plan.
Security Magazine

While utility enterprises are taking steps to detect and deter physical security threats, preventing damage and enabling recovery remain significant challenges, according to The State of Physical Grid Security 2015.
Security Magazine

As identity theft and fraud become major moneymakers for criminals, the profile of a typical identity thief is changing.
Security Magazine

A group of researchers that have previously proven that it's possible to de-anonymize programmers by analysing the source code of programs they have created, have now demonstrated that a good result can be also be achieved by analyzing executable binaries of those programs.
Help Net Security

A power blackout that recently affected about 1.4 million Ukrainians has been tied to an espionage Trojan called BlackEnergy.
Data Breach Today

Is the agency that enforces HIPAA doing enough to make sure that organizations that have had multiple smaller health data breaches are taking steps to improve security?
Data Breach Today

For half a decade, Congress debated, but never enacted, cyberthreat information sharing legislation. Then, this past December, Congress approved and President Obama signed the Cybersecurity Act of 2015.
Data Breach Today

Government agencies, along with state and local governments, could receive a helping hand from a computer network security tool developed by computer scientists and engineers at DOE’s Lawrence Livermore National Laboratory.
Homeland Security News Wire

For several days now, a small group of armed men have occupied an office of the National Wildlife Refuge in southeastern Oregon, 300 miles from Portland.
Homeland Security News Wire

A survey from Dimensional Research/CyberArk polled 304 global IT security professionals and found that one third of CEOs and 43 percent of management teams are not regularly briefed on cyber security issues.
eSecurity Planet

Our complex global society lacks resilience. The root cause of our vulnerability is the structure of the global economy: highly interconnected, complex, and filled with turbulence.
Homeland Security News Wire

FBI director James Comey told lawmakers this week that one of the suspects in the foiled terror attack in Garland, Texas, in May had exchanged 109 messages with sources in a “terrorist location” overseas ahead of the attack.
Homeland Security News Wire

Drug-resistant infections could kill an extra ten million people across the world every year by 2050 if these infections are not tackled.
Homeland Security News Wire

In the aftermath of the 13 November attacks in Paris, U.S. government agencies involved with grid security and utilities are preparing to thwart a major attack on the U.S. electrical grid.
Homeland Security News Wire

Criminals are far more likely to acquire guns from family and acquaintances than by theft, according to two new studies.
Homeland Security News Wire

Camden and Newark, New Jersey, are perceived as two of the most violent cities in the nation, yet New Jersey’s police officers are among the least likely to get shot on the job.
Homeland Security News Wire

A survey by digital security firm Gemalto shows that about two-thirds of global consumers refuse to shop with a brand that experienced a data breach.
Infosecurity Magazine

Almost since its inception, digital security has followed a perimeter model, which may seem like the Maginot Line of cybersecurity. Now, however, as more time is spent outside the firewall, security must also go beyond it.
Dark Reading

Lawmakers attending a briefing with FBI director James Comey expressed growing frustration Thursday as technology companies continue to resist Congressional efforts to curb encrypted communications.
Wall Street Journal

DARPA will gather potential proposers next week to give industry more information on its cyber threat monitoring needs in advance of solicitations under an agency announcement known as the Rapid Attack Detection, Isolation and Characterization, or RADICS, program.
FierceGovernmentIT

The U.S. National Institute of Standards and Technology (NIST) wants more information on how its cybersecurity framework is being used by the private sector and what changes could be made to improve it in the future.
Fedscoop

A survey from the Chief Marketing Officer Council, the GeoBranding Center, and AIG Travel has found that one out of four travelers altered plans this year due to safety, security, or health concerns.
Stuff.co.nz

There are several emergency preparedness measures that can enhance the ability of school and public safety officials to respond to potential terrorist attacks.
Campus Safety

A new report indicates that the cyber criminal underground in North America are more like a shopping mall than a covert, secretive operation.
CIO

Under a bill introduced by lawmakers on Tuesday, social-media companies would be required to report terrorist activity on their sites.
Wall Street Journal

Following last week’s shooting in San Bernardino, California, U.S. security companies are seeing a hike in demand for their services.
International Business Times

Conficker, Sality, and Cutwail were the most common malware families being used to attack organizations' networks in October, according to Check Point.
Help Net Security

New York City Mayor Bill de Blasio has agreed to a $19.8 million bill designed to improve school security.
Campus Safety Magazine

Federal officials announced on Monday they will unveil a new terror threat system in upcoming days.
The Hill

Security measures in American high schools can have unintended consequences that hinder, rather than help students learn, according to a new study from the University at Buffalo titled "Student Suspensions and Arrests: The Role of School Security."
Security Magazine

The National Institute of Standards and Technology (NIST) has launched a new project to help organizations prepare for and recover from data attacks.
FierceGovernmentIT

On average, shootings that injured or killed at least four people in the United States occurred at a rate of about one a day this year, according to information compiled from news reports.
New York Times

The Chinese government announced it arrested a group of hackers allegedly responsible for the massive cyberattack on the Office of Personnel Management earlier this year.
The Washington Post

Several mass shootings in America over the past year have occurred in workplace settings, prompting companies to take a second look at security systems to prevent employees from coming in harm’s way.
IBTimes

The recent shutdown of the NSA mass surveillance program has prevented the FBI from accessing and analyzing five years' worth of phone records for the married couple blamed for the recent shootings in San Bernardino, Calif. Under the new USA Freedom Act, authorities were able to obtain only about two years' worth of calling records.
Associated Press

A new report from Intel Security and the Digital Government Security Forum (DGSF) suggests the government and wider public services increasingly rely on robust information security to realize the benefits of the digital revolution over the next decade, characterized by an explosion of data.
Help Net Security

The recent attacks in Paris should push business leaders to incorporate security concerns into everyday operations, writes Bill Udell, a former CIA operations officer and the Los Angeles-based Senior Managing Director for crisis and security consulting at Control Risks.
Forbes

Weaponized Microsoft Word documents were the most common threats discovered by cybersecurity firm Invincea in October, the company said in its latest trends report.
Credit Union Times

A recent study by the Ponemon Institute found that the cybersecurity posture of state and local governments falls short of that of federal agencies, especially when it comes to the ability to prevent, detect, contain, and recover from cyberattacks.
Government Computer News

Unfortunately, campus shootings are not a new issue and the recent (or seemingly continual) spate of incidents reinforces the need to take a holistic approach to the risk, i.e., it is not a law enforcement issue alone.
Risk & Insurance

Data breaches are commonplace and inevitable. And with the average cost of a data breach now calculated as $217 per lost or stolen record, the need to protect data has never been stronger.
IT Governance

Unfortunately, campus shootings are not a new issue and the recent (or seemingly continual) spate of incidents reinforces the need to take a holistic approach to the risk, i.e., it is not a law enforcement issue alone.
Risk & Insurance

The surge in data breaches has left millions of consumer records and personally identifiable information compromised, giving fraudsters all they need to open fraudulent accounts aimed at scamming banking institutions out of big dollars.
Bank Info Security

With the heightened threat of cyber-attacks on America's critical infrastructure, a congressional watchdog says federal agencies need to adopt better metrics to determine the cyber risks specific industries they monitor face.
Bank Info Security

Many CEOs and boards of directors are failing their companies by not truly understanding their cybersecurity risks, says Steve Durbin, managing director of the Information Security Forum, a global not-for-profit organization focused on cybersecurity and information risk.
Bank Info Security

Credit rating models transformed the way we do business and have existed for almost a century. Now, these same models are inspiring a new way of managing vendor security risk by using externally collected security data to assess and quantify security performance.
Bank Info Security

Credit rating agency Moody's Corp. warns that cyber defenses as well as breach detection, prevention and response will be higher priorities in its analysis of the creditworthiness of companies across all sectors, including healthcare and financial services.
Bank Info Security

A maker of digital toys for children said it had been hacked, putting the personal information of five million people, including children, at risk.
Security Today

At the end of November, the U.S. intelligence ceased its bulk collection of telephone metadata. Instead, the government will move to a more “focused and targeted” approach in gathering intelligence, the Office of the Director of National Intelligence said in a statement.
Security Today

BEI Security president David Iffergan announced the company will be releasing their new product, SmartFence, at the Hi-Tech Defense Industry Fair in Deajeon, South Korea from December 1 through the 4.
Security Today

Metal detectors have been installed at three entrances to the Ohio Statehouse as part of increased security measures.
Security Magazine

The Occupational Safety and Health Administration launched a new webpage to provide employers and workers with strategies and tools for preventing workplace violence in healthcare.
Security Magazine

Cyberattacks will continue to menace healthcare and other business sectors next year, according to the Experian Data Breach Industry Forecast
Security Magazine

With the growing adoption of mobile access control for physical security applications, smart cards and phones used as credentials are converging into centralized identity management systems.
Security Magazine

Target Corp. has reached a proposed $39.4 million settlement with a group of banking institutions that sued the retailer over fraud losses and expenses suffered as a result of Target's December 2013 data breach.
Data Breach Today

While cyberattacks will continue to menace healthcare and other business sectors next year, organizations can't afford to overlook addressing risks tied to insiders, who are responsible for most data breaches, says Michael Bruemmer of Experian Data Breach Resolution.
Data Breach Today

The Chinese government concedes the attack on U.S. Office of Personnel Management computers emanated from China, but it contends the culprits were criminals, not individuals working for the Chinese government or military. Some experts in the United States aren't buying the Chinese government's explanation.
Data Breach Today

According to a new Department of Homeland Security (DHS) Inspector General (OIG), audit report, the Federal Emergency Management Agency’s (FEMA) information technology (IT) environment remains overly complex, difficult to secure and costly to maintain. While FEMA has made progress since the OIG’s 2011 information technology audit, much remains unresolved.
Homeland Security Today

As US counterterrorism officials warned local law enforcement to be alert to individuals who appear to be scouting “soft targets” to attack, as well as a potential Paris-style attack by “copy cat” killers, President Obama assured that, “right now, we know of no specific and credible intelligence indicating a plot on the homeland."
Homeland Security Today

A new report says that terrorism continues to rise, with over 32,000 people killed in terrorist attacks in 2014, the highest number recorded.
Security Newswire

A new report says that the five states with the largest number of identity theft offenders are Florida, California, Texas, New Jersey and Georgia.
Security Newswire

When terrorists attacked several locations in Paris last Friday night — including the Stade de France stadium where a friendly soccer match was taking place — U.S. venues immediately took notice.
Security Magazine

the House passed legislation Tuesday that would require the Transportation Security Administration (TSA) to consult with the Aviation Security Advisory Committee (ASAC) before making any changes to the prohibited items list, which includes items such as knives and firearms.
Homeland Security Today

Former FTC Attorney Discusses Implications of LabMD Case Dismissal
Data Breach Today

As U.S. merchants shore up physical point-of-sale security by upgrading their terminals to accept EMV chip cards, attackers are turning their aim toward unattended self-service terminals, such as ATMs and self-service gas pumps.
Data Breach Today

The security of mainframe computers - the so-called "big iron", which is mainly used by large organizations for critical applications, bulk data and transaction processing - is not a topic that has garnered much interest from the public.
Help Net Security

On its #OpParis Twitter account, the activist group Anonymous claimed it took down 5,500 pro-ISIS Twitter accounts.
SC Magazine

The deputy director of the US National Security Agency (NSA), Richard Ledgett, has warned of the increasing danger of destructive cyber attacks by states.
BBC

Skyhigh Networks recently analyzed the actual cloud usage of 23 million employees, and found how user behavior puts organizations at risk and how catching and managing this behavior can help reduce the risk of data loss.
Help Net Security

Trend Micro expects to see a more offensive posture taken toward cybersecurity in 2016, with government entities expanding legislation to a global defense model, which will allow for more successful arrests, prosecution and convictions
Help Net Security

The House Homeland Security Committee has released its Terror Threat Snapshot for November, and the report shows that the global and U.S. threat posed by the Islamic State and ongoing conflicts around the world are on the increase.
In Homeland Security

There are several types of data, the storage and transmission of which, the government has decided to regulate. These include things like medical records or personally identifiable information.
Wall Street Journal

Under legislation passed by the House Monday, the Department of Homeland Security (DHS) would be required to establish a program to identify and neutralize threats from rogue employees.
The Hill

A new Southern Methodist University survey of 40 executives from across the public and private sectors, mostly chief information security officers, finds that support for cybersecurity is growing in organizations.
FedScoop

The Department of Homeland Security's Gregory Touhill discussed the cyberthreats federal agencies are facing and best practices for defense after participating in a simulation of managing post-breach response.
Federal Times

In his book "Lights Out," journalist Ted Koppel questions what would happen if the power went out in a number of states affecting millions of people.
Sunday Morning

Senator Patty Murray (D-WA) announced the introduction of the Security and Financial Empowerment (SAFE) Act of 2015, building on the Violence Against Women Act.
Security Magazine

A 2013 sniper attack on a Metcalf, California energy grid substation may have been committed by someone on the inside, according to a senior DHS official.
Homeland Security News Wire

Not many people realize that undersea cables transport nearly 100 percent of transoceanic data traffic.
Homeland Security News Wire

Last week, during the 2015 Cyber Security Summit in Boston, Special Agent Joseph Bonavolonta said that the FBI's advice for some Ransomware attacks is to pay the ransom.
CSO Online

A new study on employee cybersecurity habits from CompTIA found that 17 percent of some 1,200 surveyed U.S. employees plugged an unfamiliar USB drive into their own devices.
Sc Magazine

On Oct. 23, Capital One launched SwiftID, a two-factor authentication solution for users of its Capital One Wallet app and website. SwiftID takes the place of the security questions used by many websites to authenticate users when they forget their passwords or extra authentication is required for some reason.
TechCrunch

Many companies are lacking the necessary funds to upgrade critical systems, according to a new study from the Georgia Tech Information Security Center.
Business Insider

FBI Director James B. Comey has recently warned that police in the United States have become more reluctant to do their jobs aggressively since the incidents in Ferguson and the use of smartphones. Comey told police officials in Chicago at a conference of the International Association of Chiefs of Police that major U.S. cities are seeing a violent crime wave that may partly be due to “gun shy” police officers who are afraid of being recorded on video and accused of police brutality.
The Washington Post

The growing dependency of an increasing number of organizations on the Internet has also served to increase the number of targets for hackers, particularly those organizations that have not given sufficient attention to safeguarding their networks.
Homeland Security News Wire

Ransomware malware is increasingly being downloaded by unsuspecting employees.
Lexology

Mobile phone carriers chronically fail to issue patches, so many vulnerabilities linger without getting fixed for months or years.
threat post

More than 28 percent of organizations have experienced an advanced persistent threat (APT) attack, according to a new study from ISACA.
Help Net Security

Villanova University will transition to an armed University Police Force and “will have the same authority and undergo the same specialized training as those in public law enforcement,” according to a letter written by the president.
Campus Safety

Facebook has announced it will notify users it suspects of being targeted by nation states and urge them to take necessary precautions.
Naked Security

Rep. Gerry Connolly (D-Va.), has warned that if firms do not put in place stronger cybersecurity defenses, Congress could impose new regulations that could rankle the industry.
CIO

Many U.S. companies are against an international effort to prevent cyberweapons from reaching malicious regimes because they say it well upend the way they use and sell legitimate spyware.
Wall Street Journal

Cyber threats a real and active at the nation's ports, according to Rear Adm. Paul Thomas with the US Coast Guard.
FierceGovernmentIT

Twenty-two percent of Internet users ages 16 to 35 have "none" or "a little" trust in their government's online data security, according to an Intercede survey of U.S. and U.K. citizens.
Nextgov

An American cybersecurity firm says that it has uncovered evidence that China has violated a recent agreement between Washington and Beijing that neither country would condone economic espionage.
Wall Street Journal

Researchers from Lehigh University, the University of Arkansas-Fayetteville, the University of Arkansas-Little Rock, Florida International University, and Carnegie Mellon University has been awarded a $12.2 million grant to develop methods to protect the nation's electric grid from cyber-attacks.
The Morning Call

Although armed services lawmakers want the U.S. to make Cold War era-style threats to America's cyber adversaries, many cyber analysts say it would be counterproductive to promise a specific response to any particular cyberattack.
Politico Pro

Merchants are losing an increasing amount of revenue to fraud, the LexisNexis True Cost of Fraud study shows.
Security Magazine

Although most large companies have experienced a breach in the past 12 months, 23 percent of them do not know how the hackers gained access, according to a new survey sponsored by DomainTools
CSO Online

A senior DHS official last Wednesday revealed that a 2013 sniper attack on a Metcalf, California energy grid substation – which the top U.S. electrical utility regulator has called "the most significant incident of domestic terrorism involving the grid that has ever occurred" -- may have been committed by someone on the inside.
Homeland Security Newswire

Application attacks against clouds rose 45 percent last year, according to a new Alert Logic report based on an analysis of 1 billion security events in the IT environments of more than 3,000 enterprise customers.
CSO Online

Non-technical health care employees are too complacent about the possibility of a data breach, according to a new survey from Trustwave Holdings, Inc.
CSO Online

Business leaders are increasingly evaluating cybersecurity practices, and trying to develop innovative technologies that can help reduce enterprise risks and improve performance, according to the recently released Global State of Information Security Survey 2016.
Security Magazine

Hackers have linked to more than 200 legitimate LinkedIn profiles belonging to individuals working in the defense, telecommunications, government, and utility sectors, according to researchers from the Dell SecureWorks Counter Threat Unit.
InfoWorld

In the first half of Fiscal Year 2015, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), part of the Department of Homeland Security, responded to 108 cyber incidents impacting critical infrastructure in the United States.
Homeland Security Newswire

Cyber networks support many important functions within energy delivery systems, from sending data between a smart meter and utility to controlling oil or gas flow in a pipeline.
Homeland Security Newswire

Earlier this month, Calif. Gov. Jerry Brown signed a law that would ban concealed weapons on school campuses.
New York Times

About 80 percent of information security professionals have experienced a data leak, according to a new Enterprise Management Associates (EMA)/FinalCode study.
government technology

The U.S. Department of Justice has created a new office to coordinate investigations into domestic terrorism, a top official said on Oct. 14, after a series of violent shootings have incited new fears about homegrown terror.
The Hill

As cybersecurity concerns increase among consumers, security experts say that companies must take the issue seriously, or risk losing business, especially when it comes to the Internet of Things (IOT).
Technology Fox News

A team of scholars at UCLA devised a mathematical model to determine where the LAPD should deploy officers, and the project led to substantially lower crime rates during a recent 21-month period. Starting in 2011, the researchers analyzed crime trends to determine whether their model could predict when and where major crimes would occur in real time.
Homeland Security Newswire

The National Institute of Standards and Technology (NIST) is seeking to tackle email security issues with two new projects.
NIST

Ponemon Institute study details annual costs incurred by organizations with over 1,000 employees.
Dark Reading

IT security pros are always emphasizing the need for strong password. That need came into the spotlight due to an internal Target breach report recently obtained by security blogger Brian Krebs.
FierceITSecurity

The number of times hackers tried to find security weaknesses in corporate IT systems rose 458 percent in 2014, according to AT&T's new Cybersecurity Insight Report.
LightReading

Hackers selling stolen data on the dark Web are a powerful source of business innovation, says cybersecurity reporter Brian Krebs.
Wall Street Journal

According to a Raytheon|Websense report, companies in the healthcare sector are three times more likely to encounter data theft than the average firm.
CSO Online

Among potential risks to business operations, most firms consider cyber and IT risks to be the most likely, with the greatest impact, according to the 2015 International Business Resiliency Survey by Marsh.
Security Magazine

Law-enforcement officials familiar with the investigation into the shooting at Umpqua Community College in Roseburg, Ore., last Thursday say the alleged shooter, Christopher Harper-Mercer, had earlier been discharged from the Army following a suicide attempt.
Wall Street Journal

Cybersecurity researchers have discovered a network of fake LinkedIn profiles that may have been used by hackers in Iran to form relationships with potential victims, according to a new report by Dell SecureWorks Inc.
Wall Street Journal

California Gov. Jerry Brown signed legislation that will ban the carrying of concealed guns on school and university campuses in the state.
Security Magazine

Two more firms in the financial services sector - E*Trade Financial and Dow Jones - have announced that they suffered data breaches that appeared to target not payment card data, but rather contact details for their customers or subscribers (see E*Trade, Dow Jones Issue Breach Alerts).
Data Breach Todau

A massive data breach at Experian, one of the country's major credit rating bureaus that companies use to conduct credit checks, has exposed the personal information of as many as 15 million T-Mobile consumers, according to the mobile carrier.
ABC News

There are 277 million users on LinkedIn, according to the company’s latest results, and many of them — though not all — are probably competing for the same jobs.
Market Watch

The events of September 11 2001 were a catalyst for change in the intelligence profession.One noticeable change: The number of universities offering an intelligence studies-related degree has grown from a handful to few dozen.
Homeland Security News Wire

A growing community of private and highly-vetted cybercrime forums is redefining the very meaning of “targeted attacks.”
DFI News

Recent reports show that industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems are increasingly at risk from cyber attacks, posing a threat to critical infrastructure and industry.
EE Times

The University of Antioquia in Columbia installed four Boon Edam Trilock-75 turnstiles to boost physical security on campus.
Campus Safety

A growing trend in building security is a holistic approach to security solutions, from what is being decided to who’s doing the deciding, Universal Protection Service’s business development manager Christy Gramann tells GlobeSt.com.
GlobeSt.com

The 2014 Board Practices Report: Perspectives from the Boardroom, addresses a range of board structural and financial topics, cybersecurity and data analytics, among other issues.
Wall Street Journal

A survey of 460 IT security professionals at July's Black Hat USA conference found a disconnect between the issues respondents said they were most concerned about, and what they spent the most time and budget addressing.
Tech Republic

Forty-five percent of federal agencies had employees or contractors that tried to access or exfiltrate unauthorized data during the last year, according to a recent MeriTalk survey of 150 federal IT managers.
Federal Times

With their vast stores of personal data and expensive research, universities are prime targets for hackers looking to graduate from swiping credit card numbers.
NBC News

A new report from Pace University and the U.S. arm of the Association of Chartered Certified Accountants (ACCA USA) says that accountants need to take a leading role in cybersecurity in order to protect the sensitive corporate and personal data they work with.
Accounting Today

Before purchasing an access control system, you must have a comprehensive understanding of what you need that system to do.
Secuity Magazine

The federal Bureau of Justice Statistics has reported that more than seven percent of violent victimization in the U.S. occur in parking lots or garages — commercial, noncommercial, or apartment and townhome facilities — and more than 11 percent of property crimes occur in these same lots.
Secuity Today

At some point in 2016, driver's licenses from several states will not longer be considered sufficient to clear airport security and board an airplane. Residents of New York, New Hampshire, Minnesota, Louisiana, or American Samoa will need a passport to fly domestically.
Money

Corebot is a new type of botnet malware that researchers believe has the potential to develop into a significant threat.
Network World

A recently released enterprise security survey by corporate security vendor Centrify Corp. has revealed that 59 percent of U.S. information technology managers have shared access credentials with other employees "somewhat often.
EnterpriseTech

Chinese President Xi Jinping's visit to the United States this week will first involve meetings with tech executives in Seattle rather than government officials in Washington.
Wall Street Journal

Predictive analytics uses publicly available and privately sourced data to attempt to determine future actions.
CIO

The SEC on Tuesday released a set of questions for advisers and broker-dealers to answer regarding their cybersecurity preparedness, as the agency starts conducting its second round of cyber-related exams.
Think Advisor

Skycure has released a report which detailed a study of the world's most popular tourist attractions, identifying actual network threats occurring from mobile devices over the past year.
Security Magazine

Law firms are predicted to spend more than $6.9 million on information security in 2015, or 1.92 percent of their gross annual revenues, according to a survey of large law firms.
Bloomberg BNA

According to Stanford professor Amy Zegart, U.S. national security is facing increasing challenges from insider threats and organizational rigidity.
Homeland Security News Wire

A new program called LogMeOnce is giving users the option to take a picture of whoever is trying to access the accounts they've registered with the service.
Washington Post

Never heard of the Zika virus? That may change soon. Almost unknown in humans until the past decade, Zika is now spreading fast through South America and Oceania, and it may soon knock on our doors, too.
Washington Post

A survey by the Ponemon Institute of more than 600 IT professionals in the United States found that just 25 percent of respondents rated their organization as highly resilient.
Fortune

Online crime worldwide is increasingly displacing conventional forms of property crime, such as burglary and robbery.
Bank info Security

Trustwave yesterday released its 2015 Trustwave Global Security Report which analyzes the top cybercrime, data breach, and security threat trends from 2014.
Homeland Security News Wire

Governments are having to change their compliance standards and to increase the storage and analysis of this data.
Security Today

Security executives are increasingly aware of the cyber threats that could undermine the security of their organizations.
Homeland Security Today

Despite a concerted effort to minimize insider threats, however, nearly half of federal agencies were targets of insider threats in the past year, according to a recent report by MeriTalk is a public-private partnership focused on improving the outcomes of government IT.
Homeland Security Today

Last year, Sony Pictures Entertainment suffered one of the largest and most public cybersecurity breaches in history.
Security Magazine

Every year, Security magazine honors top security executives and leaders who positively impact the security industry, their organization, their colleagues and peers, as well as the national and global security landscape.
Security Magazine

Building or upgrading a command center usually starts with facilities and equipment – ergonomic desks and chairs, LED displays and computers – as opposed to the content that supports the mission of command center staff. This approach does a disservice to your command center team by not prioritizing content that supports efficient risk management for your organization.
Security Magazine

Before you evaluate or purchase an access control system, it is critical to have a good understanding of what you need such a system to do.
Security Magazine

According to the National Retail Federation’s 11th annual Organized Retail Crime Survey, which polled 67 senior retail loss prevention executives, nearly all (97%) retailers surveyed report that they have been a victim of ORC in the past year, up from 88.2 percent who said so last year.
Security Magazine

A study by Dell examines enterprise security's impact on productivity including the mobile workforce and passwords.
Security Magazine

President Obama characterizes the hacking of American businesses by Chinese hackers as an "act of aggression" against the United States and promises his administration will take action against the Chinese if they don't stop.
Data Breach Today

A second Russian has pleaded guilty in connection with the largest U.S. hacking scheme, which resulted in the theft of more than 160 million payment card numbers.
Data Breach Today

Online crime worldwide is increasingly displacing conventional forms of property crime, such as burglary and robbery.
Data Breach Today

Cybercriminals are casting increasingly wider nets in their search for new point-of-sale systems to infect.
CSO

A dramatic breach at an Italian surveillance company has laid bare the details of government cyberattacks worldwide, putting intelligence chiefs in the hot seat from Cyprus to South Korea.
CBS News

CVS, Rite-Aid, Sam's Club, Walmart Canada and other large retail chains have suspended their online photo services following a suspected hack attack against a third-party service provider that may, in some cases, have resulted in the compromise of payment card data.
Bank info Security

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) the other day announced that another cybersecurity technology has been licensed for commercialization.
Homeland Security News Wire

As information security becomes a more important topic of interest, CISOs are increasingly asked to step up and brief boards on cyber issues
CSO

Absolute Software Corporation announced it has joined the RSA Ready Technology Partnership program.
Security Today

What do successful but separate malware attacks against banking customers around the world, as well as the White House and health insurer Anthem, all have in common?
Data Breach Today

There have been a number of recent, interesting business moves in the security space, from a range of companies, including Symantec and Cisco, plus Crowdstrike, Proofpoint, Fidelity National Information Services - better known as FIS - and Zscaler.
Data Breach Today

Your supply chain is the lifeline of your business, but it also can be a significant vulnerability during a hurricane or a natural catastrophe or other event such as a cyber-attack, strike or delay.
Security Magazine

Not surprisingly, radio frequency identification (RFID) and that technology’s “little sister” real-time location systems (RTLS) seem to be everywhere doing just about everything.
Security Magazine

Most security interfaces today leave a lot to be desired, and many security pros are gaming enthusiasts, accustomed to a sharp and engaging virtual world.
Help Net Security

With continuous changes in the information security landscape and high profile breaches being announced on a seemingly weekly basis, healthcare providers need to ensure they are properly securing protected health information (PHI).
Help Net Security

A group of researchers have discovered a new type of DoS attack that can be pulled off by a single attacker exploiting weaknesses in the BitTorrent protocol family.
Help Net Security

An over emphasis on defense is leaving the financial sector exposed to cyber attack.
Help Net Security

We are currently witnessing shifts in major industries as a result of rapid technological innovation and industry interconnectivity.
World Economic Forum

From the streets of Shanghai to Shenzhen’s technology incubators, to Beijing’s start-ups, innovation in China is thriving at a rate never seen before.
World Economic Forum

The City of Lakeland in Florida has recently standardized its security operations with Genetec Security Center, a unified security platform that combines video surveillance, access control and automatic license plate recognition systems into one central monitoring and management platform.
Security Today

https://security-today.com/articles/2015/08/04/universal-protection-service-to-acquire-guardsmark.aspx
Security Today

AMAG Technology announces the release of Symmetry CompleteView Video Management System version 4.5 and four new Symmetry PowerProtect NVRs.
Security Today

Meeting The Needs Of A Changing Homeland Security Landscape
Homeland Security Today

Although multifactor authentication is becoming increasingly popular among companies looking for ways to improve their cybersecurity posture amid the increasing number of sophisticated and damaging cyber attacks, the password-only model of security is still going strong.
Homeland Security Today

The way we interact with service providers – whether travel organisations, music suppliers or retailers – has changed to be almost unrecognisable from five years’ ago.
Help Net Security

The bug, reported by security researcher Cody Crews, allows attackers to violate Firefox' same origin policy and inject script into a non-privileged part of the built-in PDF Viewer. The flaw can be exploited to steal local files from a victim's computer.
Help Net Security

Pentagon's Joint Staff unclassified email system, used by 4,000 military and civilian personnel, has been compromised by attackers, and it has been taken offline until the threat is dealt with.
Help Net Security

Security researchers Xeno Kovah and Trammell Hudson have discovered several flaws in the firmware installed on Apple computers, and have created a worm that can silently infect them and change the firmware in question to achieve persistence in the system.
Help Net Security

It didn't take long for malware peddlers to take advantage of the huge interest users have shown into Windows 10.
Help Net Security

RiskIQ announced at Black Hat USA 2015 its latest findings on the prevalence of malvertising across the nearly two billion publisher pages and 10 million mobile apps it monitors per day.
Help Net Security

A large-scale malvertising attack abusing Yahoo’s ad network has been hitting visitors of the Internet giant's many popular and heavy-traffic sites for nearly a week.
Help Net Security

Two men were criminally charged over their alleged roles in a conspiracy to steal 94,000 credit and debit card numbers from Michaels Stores Inc.
Security Magazine

In the wake of massive data breaches such as those at the U.S. government’s Office of Personnel Management, health insurer Anthem and retailer Target, an enterprise’s initial reaction might be to tighten the security around networks and data.
Security Magazine

Identity theft topped the list of fastest-growing complaints to state and local consumer protection agencies last year, according to the latest report from the annual survey conducted by Consumer Federation of America (CFA) and the North American Consumer Protection Investigators (NACPI).
Security Magazine

Universal Protection Service, a division of Universal Services of America and a portfolio company of Warburg Pincus and Partners Group, announced this week that is has acquired Memphis-based competitor Guardsmark. Together, these companies create the largest U.S.-owned security company.
Security Magazine

Hackers could easily intercept someone’s phone without their authorization by sending a message, taking control of the device, and then deleting the message; thus eliminating any evidence of the hack.
Security Today

Solutionary performed a broad analysis of the threat landscape, which unearthed several key findings. They identified several campaigns targeting the bash vulnerability during the latest quarter - more than 600,000 events from 138 countries.
Help Net Security

A group of MIT researchers have devised two attacks that could identify, with a high degree of certainty (88%), an anonymous hidden service or client.
Help Net Security

German authorities have launched a treason investigation into a news Web site which had reported on government plans to broaden state surveillance of online communications.
Homeland Security NewsWire

A new report from the Government Accountability Office (GAO) recommends that federal agencies should more carefully verify information provided by chemical facilities and improve compliance with safety standards.
Homeland Security News Wire

Researchers found that despite the 2007 passage of the Chemical Facility Anti-Terrorism Standards (CFATS), only a few chemical facilities have completed the necessary security measures implementation.
Homeland Security News Wire

Over the past decade or so, the three most populous South Florida counties - Miami-Dade, Broward and Palm Beach - have become less renowned for old-school "Miami Vice"-style drug shootouts than for scammers stealing hundreds of millions from the government, banks and individuals by using laptops, stolen identities and fake medical procedures.
Continuity Insights

U.S. military bases are at risk for cyberattacks against the bases’ power grid and other utility systems, according to a new report on defense infrastructure from the Government Accounting Office.
Continuity Insights

A group or individual known as The Impact Team claimed to be behind the attack and that it had data on all of Ashley Madison's 37 million users and its partner sites, Cougar Life and Established Men, all owned by Canada's Avid Life Media (ALM).
CNBC

A federal lawsuit said the TSA should develop formal regulations for its full-body scanners.
Security Magazine

Some Minnesota lawmakers and railroad safety advocates are concerned that new disaster plans are not being released to the public.
Security Magazine

STANLEY Security announced the establishment of its new Vertical & Centralized Operations (VOPS) team and supporting Network Operations Center.
Security Today

AES Corporation, a manufacturer of private wireless mesh alarm communication networks, is pleased to announce that the United States Patent and Trademark Office has issued U.S. Patent No. 8,072,945 for AES Link Layered Networks.
Security Today

Experts Offer Insights on Thwarting Fraudsters
Data Breach Today

Missouri Sen. Claire McCaskill has introduced pending legislation in the Senate called the Campus Safety and Accountability Act (CASA), intended to supplant or simplify the Clery Act.
Security Magazine

Catastrophic events – both natural and man-made – occur in many forms and may severely affect a company’s ability to conduct its normal business.
Security Magazine

IT security is complicated enough. The widespread adoption of BYOD mobile devices and the overall consumerization of IT promise to complicate security efforts exponentially.
Security Magazine

The threat of terror, real or imagined, has focused the minds of building owners, architects, engineers, technologists and planners to better design buildings that can withstand a whole new array of risks.
Security Today

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) yesterday announced that another cybersecurity technology has been licensed for commercialization.
Homeland Security News Wire

Blue Cross Blue Shield plans' groundbreaking offer, in the wake of mega-breaches, of extended ID protection to all of the more than 106 million individuals covered by their insurance could set new expectations for breach response, some security experts predict.
Data Breach Today

WASHINGTON — The Obama administration on Thursday revealed that 21.5 million people were swept up in a colossal breach of government computer systems that was far more damaging than initially thought, resulting in the theft of a vast trove of personal information, including Social Security numbers and some fingerprints.
The New York Times

Problems with technology have at times roiled global financial markets, but the 223-year-old New York Stock Exchange has held itself up as an oasis of humans ready to step in when the computers go haywire.
The New York Times

Federal Bureau of Investigation Director James Comey on Thursday said a number of plots near the July 4 holiday by suspects inspired by Islamic State were disrupted by a spate of arrests, adding that law-enforcement officials are continuing to pursue leads as the militant group uses social media in a bid for followers.
Wall Street Journal

A cyber attack which shuts down parts of the United States' power grid could cost as much as $1 trillion to the U.S. economy, according to a report published on Wednesday.
Reuters

James Comey, director of the Federal Bureau of Investigation, said Monday the country needs to have a “robust debate” about the use of message encryption by technology firms, warning that Islamic State militants and other terrorist groups could use this method to recruit “troubled Americans to kill people.”
Homeland Security Today

FBI Director James Comey again backed his stance against default encryption in an editorial published Monday on Lawfare.
SC Magazine

Researchers have found that a trove of leaked data belonging to Italian firm Hacking Team includes exploits, some of which target zero-day vulnerabilities.
SC Magazine

Illinois-based Trustmark Mutual Holding Company is notifying an undisclosed number of individuals that a software error resulted in emails containing their personal information being sent to the wrong insurance carrier clients.
SC Magazine

Monday, the DHS Interoperable Communications Act (HR 615), which requires the Department of Homeland Security’s (DHS) Under Secretary for Management to maintain interoperable communications among the components of the department was signed into law by President Obama.
Homeland Security Today

The University of San Diego will create a center that will address cyber-security issues and offer graduate degree programs.
Security Magazine

Businesses and government agencies see value in using temporary workers, contractors and subcontractors. Nothing could go wrong. Right?
Security Magazine

Three new cases of Ebola have been confirmed in Liberia, following the death of a teenager from the virus on June 28 and after the West African nation had been declared Ebola Free back in May.
Firestorm

Cell phone cases come in all shapes, sizes, colors and designs. A new design, however, caught our attention at Firestorm.
Firestorm

The Dow Jones Industrial Average took a triple digit hit today after trading on the New York Stock Exchange (NYSE) was halted for three and a half hours.
ABC News

United Airlines has announced it will reward anyone who is capable of proving a remote code execution on any of its planes’ Wi-Fi networks in airline miles. This announcement comes after both the FBI and TSA asked airlines to start looking for theoretical hacks to their in-flight Wi-Fi.
Security Today

The operating system update released in May by Amazon for its Fire Phone resolves three vulnerabilities discovered by researchers at information security consultancy MWR InfoSecurity.
Security Week

Honeywell Process Solutions (HPS) and Intel Security said this week that they will combine forces to boost protection of critical industrial infrastructure and the “Industrial Internet of Things” (IIoT).
Security Week

Cisco warned on Thursday that as a result of default encryption keys in three of its security products, customers are at risk of an unauthenticated remote attacker being able intercept traffic or gain access to vulnerable systems with root privileges.
Security Week

An advisory committee formed by the U.S. Federal Aviation Administration (FAA) aims to develop international design and testing standards that will thwart cyberattacks against aircrafts.
SC Magazine

Although often considered relatively innocuous, click-fraud malware infections could be the start of serious enterprise security issues.
SC Magazine

North Carolina-based LC Industries, Inc., which operates the Tactical Assault Gear website, is notifying thousands of customers that malware discovered on the website was being used to gain access to personal information.
SC Magazine

An employee with California-based Bank of Manhattan Mortgage Lending handled mortgage loan files stored on a removable disk drive in a manner contrary to the bank's policies and instructions, possibly leading to the unauthorized disclosure or use of customer information in the files.
SC Magazine

Federal authorities have warned local law enforcement officials across the country about a heightened concern involving possible terror attacks targeting the July 4th holiday.
Security Magazine

The U.S. Department of Labor's workplace safety division is increasing its enforcement efforts in hospitals and nursing homes.
Security Magazine

From North Korea’s weapons of mass destruction (WMD) program to the 2014 Ebola virus outbreak, the United States faces—and will continue to face—a number of ever-evolving chemical and biological threats that threaten to undermine the peace, stability and security of the nation.
Homeland Security Today

At the end of a two-day China-U.S. strategic summit in Washington, U.S. Secretary of State John Kerry said June 24 that both sides had agreed on the need to create and abide by a new cyber "code of conduct."
Data Breach Today

A misallocation of resources may account for nearly 75 percent of the respondents in RSA's inaugural Cybersecurity Poverty Index believing that their companies have significant cybersecurity risk exposure, results of the survey indicated.
SC Magazine

Colorado-based AeroGrow International, Inc. is notifying an undisclosed number of individuals who shopped on its website – AeroGarden.com – that malware was likely used to infiltrate AeroGrow's online servers, and that payment card data may have been compromised.
SC Magazine

Coast Guard Vice Adm. Peter Neffenger has said that he plans to fully identify any gaps in airport security and close them if he is to be confirmed by the Senate to lead the TSA.
Security Today

Video surveillance has undergone a rapid evolution in recent years. What was once a high-tech luxury has grown into a crucial element of physical security.
Security Today

This week, a joint international operation led to the dismantling of a group of cybercriminals active in Italy, Spain, Poland, the United Kingdom, Belgium and Georgia who are suspected of committing financial fraud involving email account intrusions.
Homeland Security Today

Recent high profile attacks ranging from Sony Pictures Entertainment and Anthem, Inc. to the Office of Personnel Management and the United States Postal Service have accentuated the massive vulnerabilities that exist in the present security framework.
Homeland Security Today

While privacy and safety concerns lead the fight against the developing equipment, the ability to have a rapidly deployable eye-in-the-sky can provide vital assistance to first responders in emergency and disaster responses -- providing unprecedented situational awareness to those making decisions and allocating the limited assets available.
Homeland Security Today

Larry Ponemon, founder and chairman of the Ponemon Institute, offers an in-depth analysis of the results of the organization's 10th study of the costs of data breaches, which found, for example, that rapid growth in hacker attacks is leading to escalating costs.
Data Breach Today

Organizations are awash in security-related information, but too often they use too little of it - at least until it's too late. In part, that's because trying to link data from disparate security tools - such as firewalls, sandboxes, intrusion protection systems, anti-virus and identify management tools - by using back-end integration isn't always successful, and thus is not stopping data breaches, says Martin Roesch, chief architect for security at Cisco Systems.
Data Breach Today

The massive data breach at the U.S. Office of Personnel Management reportedly wasn't discovered by U.S. government sleuths - or the Department of Homeland Security Einstein intrusion detection system - but rather during a product demo.
Data Breach Today

The chair of Temple University's physics department has been charged with four counts of wire fraud after allegedly selling trade secrets to China, according to the U.S. Justice Department.
South Jersey Times

The theft of up to 4 million sensitive federal employees’ records maintained by the Office of Personnel Management (OPM) likely had a lot more to do with a foreign government’s spying and espionage activities than anything else, US counterintelligence authorities told Homeland Security Today on background because they aren’t authorized to officially discuss the matter.
Homeland Security Today

Canadian Prime Minister Stephen Harper announced Thursday that a number of new measures that will increase the safety and security of Canadians are being implemented to protect Canada’s borders.
Homeland Security Today

CargoNet announced the Q1 statistics for cargo theft and they were dramatic: a full $23 million worth of property was stolen, $14 million more than during the same period last year
Security Today

Columbia Casualty, a cyber-insurer that paid more than $4 million, plus defense attorney expenses, to settle a class action suit that was filed against its client, Cottage Health, in the wake of a 2013 data breach is now trying to claw back the payments.
Data Breach Today

The National Security Agency secretly expanded its warrantless surveillance of Americans' international Internet traffic to seek evidence of malicious computer hacking, according to documents leaked by former NSA contractor Edward Snowden, Pro Publica and The New York Times report.
Data Breach Today

A survey of management-level employees at small businesses in the U.S. found that 42 percent were unaware of the EMV liability shift deadline this October.
SC Magazine

Students and faculty members at public and private universities in Texas could be allowed to carry concealed handguns into classrooms, dormitories and other buildings under a bill passed by the Texas Legislature.
Security Magazine

Congratulations, security executives, soon you will officially be the “corporate rock-star.”
Security Magazine

In a recent Firestorm and Black Swan webinar, Michelle Colosimo, Black Swan Solutions Director, explains the financial impact of closing down an airport for a day.
Firestorm

It’s not just governments that are feeling the disastrous effects of state-sponsored cyber warfare and crime.
Dark Reading

Major US banks have recently closed branches along the southern border with Mexico in an attempt to crack down on money laundering, a reflection of the ease with which Mexican drug traffickers can legitimize illicit proceeds north of the border.
In Sight Crime

A stubborn piece of police scareware holds Android devices hostage until a fee is paid via Money Pak and PayPal My Cash transfers, and it increases the ransom to $1,500 / €1,400 if users attempt to unlock the device on their own.
Softpedia

The Internal Revenue Service, which disclosed this week the breach of 100,000 taxpayer accounts, has been steadily reducing the size of its internal cybersecurity staff as it increases its security spending.
Computerworld

The Internal Revenue Service believes that a major cyber breach that allowed criminals to steal the tax returns of more than 100,000 people originated in Russia, Rep. Peter Roskam confirmed to CNN on Thursday.
CNNMoney

Recent research has shown that individuals and organizations continue to be susceptible to email phishing, failing to correctly identify phishing emails and clicking on malicious links.
Homeland Security Today

The Millennial generation poses a greater risk to data security than other categories of users, according to an Absolute Software survey of 762 North American adults.
eweek

According to the 2015 Hiscox Embezzlement Watchlist, United States organizations with less than 500 employees experienced a median loss of $280,000 per year due to employee theft.
Security Magazine

Employers and security managers are becoming increasingly aware of potential security threats, but one area is still a concern because of how easily hackers can utilize it.
Security Today

Last year saw a record high of 783 data breaches, the Identity Theft Resource Center reports, and access to systems through compromised third parties or subcontractors was the second most common cause of IT breaches in 2013 and 2014.
Wall Street Journal

A new study conducted by market researchers Vanson Bourne and published by security firm Blue Coat finds that despite being "fully aware" of the risks, many employees still visit inappropriate websites while at work.
FierceCIO

A Ponemon Institute and IBM survey revealed that the average cost of a computer breach at large companies globally was $3.79 million.
USA Today

Bot traffic has surpassed human traffic on the Internet, according to a Distil Networks report.
CSO Online

PSA Security Network unveiled a new platform for its National Deployment Program, bringing real time integrator search and mapping capabilities online to PSA integrators.
Security Today

An emerging effective and cost-efficient solution to help freight rail carriers improve security is integrated security technology including smart thermal cameras, PTZ tracking solutions and target-mapping display software.
Security Today

United Airlines has announced it will reward anyone who is capable of proving a remote code execution on any of its planes’ Wi-Fi networks in airline miles.
Security Today

Information of over 3.5 million users of dating site Adult FriendFinder has been stolen and leaked online, and is being used by spammers, scammers and phishers, a Channel 4 investigation into the Deep Web has revealed.
Help Net Security

A malicious version of the popular open source Secure Shell (SSH) client PuTTY has been spotted and analyzed by Symantec researchers, and found to have information-stealing capabilities.
Help Net Security

Federal authorities have indicted six Chinese nationals for economic espionage, and apprehended the ringleader, a Chinese professor, accusing him of pilfering trade secrets from the computer systems of two American high-tech companies, where he and a co-conspirator once worked.
Data Breach Today

Numerous websites, mail servers and other services - including virtual private networks as well as "all modern browsers" - that rely on Transport Layer Security have a 20-year-old flaw that could be exploited by an attacker "to read and modify any data passed over the connection."
Data Breach Today

The Transportation Security Administration's (TSA) exclusive use of biographic data solutions “in its prospective attempt to expand the PreCheck travel screening program” is “strongly” being questioned by the International Biometrics & Identification Association (IBIA
Homeland Security Today

“I really believe in this. This is serious shit,” exclaimed The Security Awareness Company CEO and veteran cybersecurity guru Winn Schwartau in response to recent concerns terrorists or malicious actors could hack into the computerized systems of passenger aircraft and take control of them.
Homeland Security Today

Despite a number of reports over the last year indicating phishing scams continue to be a primary method of accessing personal information and breaching an organization, individuals continue to take the bait.
Homeland Security Today

Reports that a cybersecurity expert successfully hacked into an airplane’s control system from a passenger seat raises many worrying questions for the airline industry.
Homeland Security News Wire

The U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T) the other day announced the successful completion of a robotic device that tests multiple types of handguns and ammunition.
Homeland Security News Wire

Subway will be soon adding an extra measure of security to protect its tens of thousands of franchise locations around the country, reports WATE. Instead of extra alarms or bells, the new security system, manufactured by SelectDNA actually sprays intruders, robbers, or other criminals, with a chemical that marks offenders as they try to exit the shop, reports Fox News.
Security Magazine

A bill signed into law this week will allow certain school employees in Oklahoma to carry guns on school property.
Security Magazine

As part of its arsenal of battlefield tactics, the Islamic State (ISIS) has added cyber-attacks to its list.
Security Magazine

According to multiple users, hackers who get a username and password can steal money through a Starbucks’ card until the customer or credit-card company stops them. Thieves can transfer the balance onto a card they hold, wait for the Starbucks’ card to reload, then repeat the process over and over.
Security Today

mSpy, a company that sells "customized and user-friendly mobile and computer monitoring solutions," has apparently suffered a data breach.
Help Net Security

Deep-water drilling is set to resume near the site of the catastrophic BP PLC well blowout that killed 11 workers and caused the nation's largest offshore oil spill five years ago off the coast of Louisiana.
Continuity Insights

Kicking off their 30th year as a company, the newly rebranded MKS (Micro Key Solutions) made a big splash within the industry during ISC West 2015. The first recognition was for MKS President, Victoria Ferro who was selected by the Women’s Security Council as one of the Woman of the Year in the Security Industry.
Security Today

The Statue of Liberty and Liberty Island were evacuated Friday afternoon due to reports of a suspicious package, law enforcement officials said.
Security Today

The 2015 edition of the DBIR provides insight into the state of cyber-security in 2014
Security Today

A critical vulnerability found in Magento, the most popular content management system for e-commerce sites, is being exploited by hackers to get their hands on users' personal and payment card information, Ars Technica reports.
Help Net Security

There has been increased board- and C-level interest in information security programs in light of recent high-profile data breaches such as those affecting Sony, Anthem and JP Morgan, the results of a Netskope survey have revealed.
Help Net Security

The cost per healthcare record stolen in a data breach in 2014 was $359, a figure that Frank Kim, CISO with the SANS Institute and former executive director of cyber security with Kaiser Permanente, said he found alarming.
SC Magazine

Microsoft announced plans on Wednesday to expand its bug bounty program to include Project Spartan, the company's new browser, and Azure, the company's cloud platform.
SC Magazine

Indiana-based SRI Incorporated – which conducts tax sales, deed sales and foreclosure sales relating to the recoupment of delinquent tax for local governments – is notifying roughly 9,000 individuals that their personal information may be at risk.
SC Magazine

A group of financial institutions affected by the 2013 Target data breach that exposed at least 40 million payment cards is asking a court for a preliminary injunction to block the proposed settlement between the retailer and MasterCard that would provide $19 million to card issuers.
Data Breach Today

Last year, several high profile security incidents occurred at healthcare organizations where a HIPAA Risk Assessment (HSRA) had previously been conducted.
Data Breach Today

Dr. Robert Chandler, Director of the Nicholson School of Communications at the University of Central Florida, discussed the impact of ethical disasters and the role of upper management in preventing them at the 2015 Continuity Insights Management Conference on Tuesday, April 21.
Continuity Insights

Forbes discussed potential consequences of water scarcity, including terrorism, supply chain disruption and competitive advantage, that would impact business continuity and resilience professionals.
Continuity Insights

At the urging of the board, CEOs are putting a premium on hiring a first-rate Chief Security Officer (CSO) to lead the charge to protect company and consumer data.
Forbes

Roughly forty-eight million Americans have food-borne illness each year, and according to the Centers for Disease Control and Prevention, 128,000 of them are hospitalized, and 3,000 die.
Homeland Security News Wire

AT&T is paying a hefty price - $25 million - for call center employees in Mexico, Colombia and the Philippines accessing personally identifiable information from some 278,000 customer accounts without authorization.
Bank info Securityi

Declaring a national emergency over hack attacks, President Obama signed an executive order authorizing the government to impose sanctions on hackers.
Bank Info Securityi

The U.S. electric grid remains vulnerable to cyber and physical attacks, putting millions of households at risk from outages that could last a few days or weeks.
Homeland Security NewsWire

Standing on a patch of brown grass in the Sierra Nevada mountains, which is usually covered with several feet of snow at this time of the year, California governor Jerry Brown announced the first mandatory water restrictions in state history.
Homeland Security News Wire

Facing the fourth straight year of drought, Oregon officials are worried that the state’s water security may be in jeopardy, as is already the case in California, which has just announced its first-ever mandatory water restrictions.
Homeland Security News Wire

The UN defines a region as water stressed if the amount of renewable fresh water available per person per year is below 1,700 cubic meters.
Homeland Security News Wire

Last December, cyberterrorists hacked into servers belonging to the Tewksbury Police Department, encrypted the data stored, and later asked for a $500 bitcoin ransom to be paid before department officials could regain control of their files.
Homeland Security News Wire

U.S. intelligence officials have warned that China is increasing significantly its investment in cyber warfare programs in an attempt to compete with the U.S. military.
Homeland Security News Wire

Companies are also leveraging data analytics to find their own accounting problems before the government does.
Corporate Counsel

Chief audit executives and audit committee members see internal audit priorities differently, according to an annual Grant Thornton survey.
CGMA Magazine

How CFOs can balance the risk/reward equation to spark CEOs' interest in information risk management decisions?
CFO

Countries should require mandatory disclosure of certain tax planning strategies from both companies and tax advisers, the Organisation for Economic Co-operation and Development (OECD) recommended in a draft proposal issued on Thursday.
CGMA Magazine

Prioritising sustainability issues in the supply chain yields a number of quantifiable benefits to organisations, including increased competitiveness.
CGMA Magazine

HID Global introduced the ActivID Tap Authentication platform for convenient and secure multi-factor authentication to cloud applications and web services.
Security Today

The report, which zeroes in on eight behavioral and technique-based trends regarding cybercrime, found that cybercrime has become easier as threat actors can rent exploit kits, take advantage of malware-as-a-service (MaaS) and even use subcontractors to create and execute attacks aimed at stealing data.
SC Magazine

The October 2014 breaches of some of the computer systems of the US State Department and the White House have been executed by Russian hackers, unnamed US officials familiar with the investigation told CNN reporters.
Help Net Security

An experienced and resource-backed cybercrime gang" is using the relatively new Dyre/Dyreza banking Trojan coupled with effective social engineering to steal millions from businesses, IBM Security Intelligence researchers John Kuhn and Lance Mueller warned.
Help Net Security

RSA, The Security Division of EMC, released the results of a new global breach readiness survey that covered thirty countries and compared those global results with a survey of the Security for Business Innovation Council (SBIC), a group of top security leaders from the Global 1000.
Help Net Security

Researchers have long studied the relationship between mental illness and terrorism, particularly lone-wolf terrorists.
Homeland Security News Wire

A new report looking at how organizations view the future of cyberthreats and these organizations’ current defenses, found that while IT spending is increasing, confidence in the efficacy of cyber protection is declining.
Homeland Security News Wire

IBM plans to invest $3 billion over the next four years to create an Internet of Things (IoT) business unit along with a cloud-based platform to help build (IoT) solutions.
SC Magazine

Energy sector companies based in the Middle East are the most recent targets of a reconnaissance campaign aimed at infecting systems to gather information about companies' inner-workings, according to Symantec researchers.
SC Magazine

A host of potential buyers have lined up to buy global security and protection company Brink’s’ cash management business in India, as the Richmond, Virginia (US)-headquartered firm looks to hive off the unit as part of global strategic review.
Security Today

Preparations are well underway for staging one of the biggest Interop conferences yet.
InformationWeek

Yahoo took advantage of South by Southwest's (SXSW) opening weekend this week to make major announcements surrounding its security protocol. Primarily, the company announced its new “on-demand” passwords, and followed up with news that its end-to-end encryption source code for Yahoo Mail was available on GitHub.
SC Magazine

U.S. Sen. Mark Kirk will be introducing a bill aimed at putting a place a federal breach notification standard that all organizations companies across the nation would have to abide by. The legislation would require companies to notify its customers if more than 1,000 credit card numbers are compromised in the breach, a number which he finds reasonable, according to the Alton Daily News.
SC Magazine

Genetec, a manufacturer of unified IP security solutions, announced that its flagship security platform, Security Center, now supports the Prism analytics package from Prism Skylabs, to provide cloud-based, business intelligence tools for retailers.
Security Today

2014 was the year when "designer vulnerabilities" emerged, when breaches and security incidents were being announced so fast that we struggled to keep up, when old financial malware began being used to hit new targets.
Help Net Security

A group of researchers from the Information Security Group from Royal Holloway, University of London, wanted to see how many TLS servers still supported the weak, export-grade (512-bit) RSA public keys a week after the public disclosure of the FREAK flaw. On March 3, the number of vulnerable HTTPS servers reached around 26 percent of the total. A week later less than 10 percent of them did.
Help Net Security

While most companies believe virtualization technology is a strategic priority, there are clear risks that need to be addressed. Ixia surveyed more than 430 targeted respondents in South and North America (50 percent), APAC (26 percent) and EMEA (24 percent).
Help Net Security

Ride-hailing service Uber has been hit with a proposed class-action lawsuit over a recently disclosed data breach involving the personal information of about 50,000 drivers, Reuters reports.
Security Magazine

The highly-publicized data breaches of 2014 changed the role of corporate security professionals as we know it. Now, more than ever, security IT issues have high-priority business impact and, as a result, companies face tougher expectations around protecting individuals affected by a data breach.
Security Magazine

An investigation found hundreds and potentially thousands of airport security badges are unaccounted for across the country.
Security Today

The Mall of America has heightened its security efforts after a video claiming to be posted online by a Somali group affiliated with al Queda called for attacks against the mall, according to a report.
Security Today

A Quebec City biotech company has been awarded a contract to make a ZMapp-like product to fight Ebola.
Continuity Insights

Onapsis released five security advisories detailing vulnerabilities in SAP BusinessObjects and SAP HANA enterprise software.
Help Net Security

National Intelligence Director Blames Iran for Casino Hack

The director of national intelligence, James Clapper, paints a grim picture of the cyberthreats the nation faces, saying as bad as 2014 was, 2015 and the coming years will be worse.
Data Breach Today

In an email sent to an SC Magazine editorial executive, a group identifying itself as CyberBerkut – reported pro-Russian hacktivists – said it had gained access to files on the mobile device of a Green Group official who “recently visited Kiev as a member of American military delegation.”
SC Magazine

When news of the Anthem breach first surfaced, investigators claimed that malicious tools, linked exclusively to Chinese cyber attackers, were used against the health insurer. Now, an Arlington, Va.-based security firm has released its own research that expands on these findings.
SC Magazine

Hydraulic fracturing and horizontal drilling have had a transformative, positive effect on the U.S. economy, producing societal gains that likely outweigh negative impacts to the environment and human health from an economic perspective, according to a new paper.
Homeland Security News Wire

Recent high-profile security breaches, such as those at Target, Anthem Inc., and Sony Pictures, have attracted scrutiny to how the seemingly minor decisions of individuals can have major cybersecurity consequences.
Homeland Security News Wire

The 2014 SC –ISAC Q4 report details a major surge in the volume of cargo thefts in the U.S. According to the report, “We had been seeing a somewhat downward trend in the incidents, but this trend has stopped and reversed.”
Security Today

Kaspersky Labs reported that it has uncovered how hackers surreptitiously installed spying software on bank computers, eventually learned how to mimic bank employee workflows and used the knowledge to make transfers into bank accounts they had created for this theft, said CNN Money.
Security Magazine

Lawmakers are seeking to pass a bill which would a single food safety agency to replace the current multi-agency system, which critics say is "hopelessly fragmented and outdated.
Homeland Security News Wire

Technology startup firms are leading the way in ensuring not only the security of their customers, but their own security as well. American businesses are expected to pay $2 billion for cyber insurance premiums in 2014, a 67 percent increase from just one year earlier.
Homeland Security News Wire

A global study found that more than one billion records were compromised in data breaches last year.
SC Magazine

Researchers with Trend Micro are seeing upgraded CTB-Locker ransomware being delivered in fake Google Chrome and Facebook emails as part of an attack that is also tied to a PayPal phishing campaign.
SC Magazine

Security threats to mobile and residential devices and attacks on communications networks rose in 2014, threatening personal and corporate privacy and information.
Help Net Security

A well-crafted and extremely legit-looking spam email campaign is currently targeting corporate users around the world, ultimately leading the victims to difficult-to-detect malware that downloads additional malicious programs on the target's computer.
Help Net Security

Bolstering defenses against phishing, malware and remote attacks, as well as broader implementation of encryption and a rollout of multifactor authentication, are among this year's information security priorities at the University of Michigan Hospitals and Health Centers, says CIO Sue Schade.
Data Breach Today

President Obama has gone to Silicon Valley to pitch his cybersecurity agenda and issue an executive order to encourage more private sector information sharing.
Data Breach Today

The majority of new malware is added to antivirus signature databases within 24 hours of first appearance, and 93 percent is detected within a month, but it can take as long as six months for antivirus to catch the remaining 7 percent, according to a new study by Atlanta-based security vendor Damballa, Inc.
CSO Online

Most large enterprises in the UK still aren't managing risk through dedicated cyber-insurance policies and the few that do buy based on recommendations by legal rather than IT departments, an analysis by non-profit the Corporate Executive Programme (CEP) has found.
CSO Online

Anthem, the nation's second-largest health insurance company, is the latest target of a security breach. Eighty million customers, including the company's own CEO, are at risk of having their personal information stolen.
US Today

The largest online tax-software company in the U.S. temporarily halted electronic filing of all state returns after more than a dozen states spotted criminal attempts to obtain refunds through its systems.
Wall Street Journal

As a result of the explosive growth in worldwide use of smart phones, mobile malware will play a much bigger role in fraud this year, predicts Daniel Cohen, who heads up the anti-fraud services group at security firm RSA, which just released its 2014 Cybercrime Roundup report.
Data Breach Today

In the aftermath of the Sony Pictures Entertainment cyber-attack in late November 2014, Amy Pascal is stepping down as co-chairman of the film studio.
Data Breach Today

Intuit – developer of TurboTax, QuickBooks and Quicken – announced on Friday that it is working with state governments to address a growing tax fraud problem.
SC Magazine

WordPress sites with the plug-in Fancybox-for-WordPress should apply a critical security update released Thursday that fixes a vulnerability already exploited by attackers.
CSO Online

The U.S. National Security Agency and its intelligence partners are reportedly sifting through data stolen by state-sponsored and freelance hackers on a regular basis in search of valuable information.
CSO Online

Information security experts warn that Internet routes are being hijacked to serve malware and spam, and there's little you can do about it, simply because many aspects of the Internet were never designed to be secure.
Data Breach Today

Russian hackers, using spear-phishing attacks, successfully breached the network of Sony Pictures Entertainment in November 2014, and continue to have on-demand access to Sony's network, according to a new report from cybersecurity firm Taia Global.
Data Breach Today

Frankly, it’s costing U.S. businesses more than other nations’ enterprises worldwide, according to data collected in the 2014 Cost of Cyber Crime Study: United States from the Ponemon Institute and HP Enterprise Security.
Security Magazine

Adobe began rolling out Flash Player 16.0.0.305 on Wednesday for users who have auto-update enabled.
SC Magazine

As the number of data breaches continues to grow and increase in severity and as the White House throws its weight behind data beach notification legislation, a credit union organization has beseeched Congress to create a bipartisan data breach working group.
SC Magazine

Tennessee-based ValuePetSupplies.com is notifying several thousand customers that unauthorized persons accessed its servers and installed malicious files to capture personal information – including payment card data – entered into its website.
SC Magazine

Securing financial information, personal data and proprietary plans along government, corporate and personal networks will require filling the growing demand for skilled cyber security professionals with a diverse pipeline of talent, including consulting,
Security Today

A breached retailer has won a court ruling against its payments processor and merchant bank, setting a $500,000 cap on how much it must pay for a point-of-sale breach it suffered in late 2012. Now the processor and bank must pick up the rest of the breach-related tab.
Data Breach Today

Attackers have become more proficient at taking advantage of gaps in security to evade detection and conceal malicious activity, according to Cisco.
Help Net Security

2014 has seen more high-profile targeted attacks with motivations of stealing information, making a statement and permanently destroying sensitive/valuable data.
SC Magazine

Athletic sportswear maker Nike filed suit on Dec. 8 in Multnomah County, Ore., Circuit Court against three of its former designers on grounds that they misappropriated Nike's trade secrets to launch a competing business venture with Adidas.
National Law Review

The government should more forcefully respond to foreign countries that engage in cyberattacks, because some hackers have come to believe there is minimal risk in stealing U.S. government or corporate data, according to NSA director Navy Adm. Mike Rogers.
Wall Street Journal

Security will be CIOs' top spending priority in 2015, with heightened cyberattack concerns possibly slowing cloud adoption, according to a Piper Jaffray survey.
CSO Online

In the aftermath of the cyberattack on Sony Pictures Entertainment, U.S. officials are questioning when the government should step in to help private companies fight hackers, according to National Security Agency Director Michael Rogers.
Bloomberg

After more than 150 guns were discovered in a smuggling ring on Delta Air Lines in December of last year, security officials are turning towards those who work at airports and the access they have.
Security Today

President Barack Obama on Monday proposed strengthening laws against identity theft by requiring notification when consumer information is hacked, providing more free access to credit scores and protecting students' private data.
Security InfoWatch

From January to June of 2014, 100 percent of retail organizations had their systems breached, as did 100 percent of agriculture, auto/transportation, education, and healthcare/pharmaceutical organizations, according to a new study.
SC Magazine

A study of 314 small business owners in Cincinnati found that 40 percent of thefts in small businesses are of money. The study also found that 64 percent of small businesses have experienced employee theft, only 16 percent of those reported the incident to police.
Security Magazine

The Sony hackers have set their sights on attacking a news organization, according to a report.
Security Magazine

After Google discloses Win 8.1 vulnerability two days prior to planned patch, Microsoft argues in favor of vulnerability publication schedules.
InformationWeek

According to a study recently published by The Freedonia Group, global revenues for private contract security services are expected to increase by nearly 7 percent per year to $267 billion in 2018.
Security InfoWatch

Tens of millions of dollars, credit cards and intellectual property stolen by a new group of cyber criminals.
Help Net Security

Based on its work this year in the fields of cyber security and financial crime, BAE Systems Applied Intelligence and Scott McVicar, its Managing Director of Cyber Security, offer these top five predictions for the digital crime landscape in 2015
Help Net Security

In 2013 Continuity Central conducted a survey to explore quality control methods that are being used within business continuity management systems. This survey has now been repeated to see how the trends in this area have changed.
Continuity Central

The Department of Homeland Security’s (DHS) Office of Inspector General (OIG) disclosed in a new 62-page audit report that DHS “has made progress to improve its information security program, but noncompliance by several DHS component agencies is undermining that effort.”
HSToday.US

About 40 percent of lone-wolf terrorists are driven by mental illness, not ideology: Researchers
Homeland Security News Wire

According to the National Retail Federation's 2014 Return Fraud Survey, retailers estimate that losses from return fraud will cost them $3.6 billion this holiday season.
Security InfoWatch

Federal officials say the private files of 48,439 workers may have been compromised by a computer breach at government contractor KeyPoint Government Solutions Inc.
Security InfoWatch

Despite strong encouragement from the insurance industry and business groups around the country, the U.S. Senate has adjourned for the year without passing the Terrorism Risk Insurance Program Reauthorization Act of 2014 (TRIPRA).
Property Casualty 360

The use of global security technology continues to skyrocket and extend better service to businesses. The global market for video surveillance equipment grew more than 12 percent in 2014, reaching $15.9 billion in sales.
Security Today

One Year Later, What Retailers, Bankers Have Learned.
Data Breach Today

With cybersecurity already a NIST priority, as evidenced by its publication of the cybersecurity framework, the Cybersecurity Enhancement Act would codify existing practices.
Data Breach Today

The rapid move towards virtualization and cloud infrastructure is delivering vast benefits for many organizations. In fact, Gartner has estimated that by 2016, 80% of server workloads will be virtualized.
Help Net Security

North Korea released a statement Sunday that clearly relished a cyberattack on Sony Pictures, which is producing an upcoming film that depicts an assassination plot against Pyongyang's supreme leader.
Security Magazine

A new survey of more than 1,000 directors at public companies by the National Association of Corporate Directors (NACD) showed that 52.1 percent say they are not satisfied with the quantity of the information provided by management on cyber security and IT risk.
FierceCFO

A recent study by ASIS International and the Institute of Finance & Management, "The United States Security Industry," includes a profile of security directors and the challenges they face.
Security InfoWatch

Over the last 12 years, there has been a more than 10,000-fold increase in the number of new digital threats, and cryptographer Paul Kocher and other security experts attribute the problem to a lack of liability and urgency.
New York Times

More than four in five U.S. companies have experienced a cyberattack in the last year, according to the results of a new Malwarebytes survey of IT decision makers.
ReadWrite

The Cleveland man was indicted for sending malware designed to destroy data on computers at Eaton, after the company did not hire him for a position.
Nextgov

Hackers attacked the U.S. energy grid 79 times this year, gaining the opportunity to potentially flip off switches.
CNNMoney

National Security Agency Director Adm. Michael S. Rogers said Nov. 20 that several foreign countries have infiltrated the computers of critical industries in the U.S. to steal information that could be used in the planning of a destructive attack.
Washington Post

The Federal Energy Regulatory Commission on Thursday adopted a rule that requires U.S. power companies to identify and take steps to secure key transmission substations and other hubs that could cause major problems if they were out of service.
Wall Street Journal

A group of financially sophisticated cyber-criminals has been hacking into the email accounts of CFOs of publicly traded companies and others with access to market-moving information, according to the cyber-security firm FireEye.
CFO

Whistle-blowing as a means to police corporate misconduct is gaining support.
New York Times

One initiative that has been moving forward in the U.S. is the development by the SEC of a data mining system called the Accounting Quality Model” (AQM), otherwise known in the industry as “Robocop."
feiDaily

One of the most prevalent ways that that attackers breach systems is by using a method called SQL injection.
Forbes

"Big Data" Operation Snares 118 Suspected Ticket Fraudsters
Bank info Security

The manuals describe Hacking Team’s software for government technicians and analysts, showing how it can activate cameras, exfiltrate emails, record Skype calls, log typing, and collect passwords on targeted devices.
The Intercept

Security firm FireEye’s recent reporton a group of hackers who have been infiltrating e-mail correspondence from more than 100 organizations, differs from the company’s previous reportson cyber criminals operating from China or Russia.
Homeland Security Newswire

According to the results of the annual Global Retail Theft Barometer released on Thursday, losses from shrink, which includes shoplifting, employee or supplier fraud and administrative errors, costs retailers around the world more than $128 billion last year, $42 billion of which was from the U.S. alone.
Security InfoWatch

According to the results of the annual Global Retail Theft Barometer released on Thursday, losses from shrink, which includes shoplifting, employee or supplier fraud and administrative errors, costs retailers around the world more than $128 billion last year, $42 billion of which was from the U.S. alone.
Security Info Watch

Ex-NSA hackers and their corporate clients are stretching legal boundaries and shaping the future of cyberwar.
Slate

The manuals describe Hacking Team’s software for government technicians and analysts, showing how it can activate cameras, exfiltrate emails, record Skype calls, log typing, and collect passwords on targeted devices.
The Intercept

A group of financially sophisticated cyber-criminals has been hacking into the email accounts of CFOs of publicly traded companies and others with access to market-moving information, according to the cyber-security firm FireEye.
CFO

Whistle-blowing as a means to police corporate misconduct is gaining support.
New York Times

Pushing late into the night is a health and productivity killer.
Forbes

One initiative that has been moving forward in the U.S. is the development by the SEC of a data mining system called the Accounting Quality Model” (AQM), otherwise known in the industry as “Robocop.”
fei Daily

I’m sitting here on a Sunday evening reading about more data breaches. This has transformed from something of note to a common occurrence. Days that end in “y” is that thought that sticks with me. So, what is the underlying problem here? Are the attackers really that good? Or are we collectively failing to defend our perimeters?
Forbes

A massive international operation has resulted in the arrest of 118 people - many at airports - on suspicion of using fake tickets, or using stolen card data to purchase airline tickets.
Bank Info Security

The U.S. Justice Department is restructuring its national security prosecution team to deal with cyber attacks and the threat of sensitive technology ending up in the wrong hands, as American business and government agencies face more intrusions.
Reuters

Visionworks notifies 75K Maryland customers of missing database server Texas-based eye care services provider Visionworks is notifying as many as 75,000 customers who received services at its Jennifer Square location in Annapolis, MD that an investigation is underway to locate a missing database server potentially containing their personal information.
SC Magazine

More than 90 percent of Americans feel they’ve lost control over how their personal information is collected and used by companies, according to the results of a survey by the Pew Research Center.
Security Today

Guardly announced that its Enterprise E911 solution for smartphones can now be used to enable faster, more effective response during active shooter incidents.
Security Today

The National Oceanic and Atmospheric Administration has revealed that four of its websites were compromised by a cyber-attack.
Data Breach Today

Industrial control systems used to operate US critical infrastructure have been compromised by a destructive Russian hacking campaign that has been going on since 2011, according to the Department of Homeland Security (DHS).
HSToday.US

Julia Angwin reported late Thursday that AT&T is dropping their tracking supercookie program. This comes in the wake of massive customer pressure over the discovery that AT&T and Verizon were quietly inserting unique tracking identifiers in their customers' web browsing and app data, by means of an HTTP header.
Eff.org

As many as 18,000 nurses went on strike Tuesday and picketed in front of Kaiser Permanente facilities in Northern California to express their concerns about patient-care standards and Ebola.
Continuity Insights

The paper, titled 'Guide to Threat Information Sharing', is aimed at providing guidance for improving the effectiveness of cyber-security efforts through strong information sharing practices.
Global

The Security Industry Survey of Risks and Professional Competencies has been released by the ASIS Foundation and the University of Phoenix. The survey exposes the talent and training needs of the security industry.
Security Management

"Governing" reports that organizations -- both private and public -- need to build a culture of risk management from the ground up to safeguard their systems from cyberattacks.
Governing

The U.S. Supreme Court on Tuesday heard oral arguments in a case involving an air marshal, Robert MacLean, who was fired for revealing reduced protection on Las Vegas flights despite a potential terrorist threat
The Wall Street Journal

Cargo theft costs about $30 billion annually, and Florida accounted for nearly 25 percent of U.S. cargo thefts reported between March and May, according to the state's Department of Transportation.
Tampa Bay Times

A group backed by the nation's biggest banks plans to launch the Soltra Edge platform on Dec. 2 to enable financial firms to more quickly communicate about potential cyber breaches.
Wall Street Journal

McKinsey & Co. Global Managing Director Dominic Barton said he sees three common mistakes companies make when they have a security breach. The first is an inability to make efficient decisions.
The Wall Street Journal

A new CreditCards.com survey that asked credit and debit card holders if they would shop this holiday season at retailers where personal information has been exposed found that 45 percent of respondents answered "definitely not" or "probably not."
MarketWatch

New research suggests that lone wolf terrorists are responsible for a disproportionate number of terrorist attacks in the U.S. While lone wolves only represent about 8 percent of all terrorists in the United States, they were involved in about 25 percent of incidents since 1980, according to an Oct. 29 research brief from the National Consortium for the Study of Terrorism and Responses to Terrorism (START).
Fierce Homeland Security

The Pew Research Center and Elon University's Imagining the Internet Center recently conducted a survey of more than 1,600 computer and Internet experts on the future of cyberattacks and found most respondents believe there is a significant threat.
Philadelphia Inquirer

The Obama administration has issued a cyber threat information-sharing framework designed to help government and industry officials better identify and stop cyberattacks.
The Hill

Cyberattacks involving malware infections of three popular human-machine interface (HMI) systems used by utilities in North America are believed to have been the work of Russian hackers, cybersecurity firms said Oct. 30.
Bloomberg

U.S. House CISO Darren Van Booven says he experiences many of the same challenges his private-sector counterparts do in their efforts to protect their IT assets from cyberattacks, including how much information to divulge about attacks and vulnerabilities
CIO Journal

Earlier this week, the Centers for Disease Control and Prevention(CDC) issued new guidelines on how states should deal with travelers from Ebola-stricken regions, but a lack of federal authority to mandate such guidelines has led to conflicting strategies, varying from state to state, which includes mandatory at-home quarantine for some travelers.
Homeland Security News Wire

Researchers at FireEye, a Silicon Valley-based computer security firm, are connecting the Russian government to cyber espionage efforts around the world.
Homeland Security News Wire

In its latest Emerging Cyber Threats Report, Georgia Tech warns about loss of privacy; abuse of trust between users and machines; attacks against the mobile ecosystem; rogue insiders; and the increasing involvement of cyberspace in nation-state conflicts.
Homeland Security News Wire

Assessing the readiness of an organization to handle various types of situations extends well beyond typical emergency preparedness planning.
Security InfoWatch

In response to recent cyberattacks, big banks are demanding law firms that they work with take additional steps to protect sensitive bank information.
Wall Street Journal

The number of dedicated cyberattacks rose 48 percent in 2014, totaling 42.8 million, according to a new PricewaterhouseCoopers study.
The Hill

Forty percent of U.S. adults have experienced weekly or daily attempts to access their personal data while using a PC online, according to a Microsoft survey.
ComputerWeekly.com

A recent Symantec study found a 183 percent increase in Domain Name System (DNS) amplification attacks from January through August.
CSO

A former National Security Agency official this week warned about the unanticipated security and privacy risks that employers are likely to face as wearable medical devices find their way into the workplace.
Wall Street Journal

The Justice Department's national security prosecution team is shifting its focus to cyber threats and preventing sensitive technology from ending up in the wrong hands.
Reuters

The Hill reports that several industry groups are teaming up to help franchise businesses learn more about cybersecurity.
The Hill

National Weather Service hydrologist Xiafen Chen was arrested Oct. 20 for allegedly breaching an Army database that contained sensitive files on U.S. dams
Homeland Security News Wire

The cybersecurity firm FireEye on Tuesday will release the results of an investigation into what it says are cyberattacks sponsored by the Russian government.
Wall Street Journal

A growing number of young Muslim women from the West are attempting to join radical Islamist groups, such as the Nusra Front and the Islamic State (IS).
The New York Times

The secretary of state may revoke the passports of U.S. citizens who fight in terrorist groups overseas, but this may not keep them from re-entering the country, two Congressional Research Service (CRS) reports suggest.
FierceHomelandSecurity

In his career-ending extramarital affair that came to light in 2012, General David Petraeus used a stealthy technique to communicate with his lover Paula Broadwell: the pair left messages for each other in the drafts folder of a shared Gmail account. Now hackers have learned the same trick. Only instead of a mistress, they’re sharing their love letters with data-stealing malware buried deep on a victim’s computer.
Wired

Deloitte, a major player in financial consulting and enterprise risk services, has released research that can help companies determine if they've been the victim of a data leak – or the casualty of an online hoax
SC Magazine

Businesses, under siege from hackers looking to steal sensitive information, increasingly want to take matters into their own hands. But the head of the National Security Agency is warning them not to become hackers themselves.
Nextgov

Apple CEO Tim Cook has acknowledged talks with Ma Kai, China’s vice premier, regarding the discussion of the protection of users’ information.
Security Today

While Error! Hyperlink reference not valid. chip technology continues its roll out in this country, a whitepaper from the Smart Card Alliance Payments Council contends that payment industry stakeholders can better protect against card fraud by layering EMV chip and two other security technologies, encryption and tokenization.
SC Magazine

The Arizona State Retirement System (ASRS) is notifying nearly 44,000 individuals enrolled in ASRS dental plans that two unencrypted discs containing their personal information – including Social Security numbers – were sent to a benefits company in Missouri, but were not received.
SC Magazine

After the Year of the Retail Breach, retail's annual holiday shopping season "freeze" on new technology and some security patching is just around the corner.
Dark Reading

Information security experts say espionage-focused attackers, apparently operating from Russia, have been using phishing e-mails and malware in multi-stage attacks designed to evade detection and steal political and military secrets.
Data Breach Today

An Associated Press-NORC Center for Public Affairs Research survey suggests that those factors — collectively termed "social resilience"— have a big impact on how prepared communities feel for disasters such as Superstorm Sandy, and are seen as more valuable in a crisis than even government.
Continuity Insights

The Delaware River and Bay Authority (DRBA) published a data security event notice on Friday to warn people who have made purchases at Cape May-Lewes Ferry terminals and vessels that their payment card data might have been compromised.
Security Week

Experts are hopeful that a new framework released by the National Institute of Standards and Technology will give agencies a method to evaluate the security of their computing environments against their peers.
Government Technology

IBM has released a report that discusses the characteristics that are usually seen in cyberattacks, as well as which industries are being commonly targeted by cybercriminals.
Tech Republic

Enterprises as a whole are likely to move away from the concept of the 100-percent secured environment and perimeter defense to a risk-based model of security, according to a new Gartner report.
FierceITSecurity

Financial firms and call centers are increasingly turning to voice biometric technology to help screen calls for potential fraud.
Associated Press

Relentless attacks from hackers have C-suites and boards of directors divided on what measures to take and how much to spend on beefing up cybersecurity.
Wall Street Joutnal

Hydraulic fracturing triggered a series of small earthquakes in 2013 on a previously unmapped fault in Harrison County, Ohio, according to a new study
Homeland Security News Wire

The FBI on Wednesday issued a private warning to industry that a group of highly skilled Chinese government hackers was in the midst of a long-running campaign to steal valuable data from U.S. companies and government agencies
The Washington Post

Virginia Polytechnic Institute and State University professor Daphne Yao is developing algorithms that can alert companies when an employee might be acting maliciously on their network.
Computerworld

Security leaders sound off: The CSO role may look different in every organization, but in an increasingly connected and open society, it's a critical one.
Government Technology

Israeli Prime Minister Benjamin Netanyahu announced last month the formation of a national cyber defense authority to defend civilian networks under the leadership of the Israel National Cyber Bureau.
Homeland Security News Wire

Concerns about future manmade and natural disasters are driving the U.S. market for survival kits.
Homeland Security News Wire

U.S. Cyber Command is planning to step up its efforts to protect the nation's networks from cyberattackers.
Homeland Security News Wire

There has been a growing number of discussions on jihadist social media Web sites about the possibility of terrorists using poisons and virulent pathogens such as Ebola in attacks against the United States and other Western nations, reports the Middle East Media Research Institute (MEMRI).
HSToday.US

A continuing disconnect exists between state officials and their IT security officers, even as major breaches of state databases become more frequent, according to a new report from NASCIO and Deloitte & Touche.
Pew Charitable Trusts

Even strong preventative programs may not be able to completely remove the threat of a malicious insider to critical infrastructure, according to a December 2013 report from the Department of Homeland Security (DHS).
Fierce Homeland Security

Companies are investing millions of dollars in insurance policies to protect themselves from cyber security breaches. Zouhair Guelzim, chief information security officer of L’Oreal Americas, a subsidiary of the L'Oreal Group, says the market is fraught with high premiums, incomplete coverage, and costly mistakes.
Wall Street Journal Online

The continuing attacks on U.S. corporate networks are firing talk among some executives and officials of going on the offensive, or "hacking back," against those that hack their systems.
Washington Post

France is enforcing a new cybersecurity law aimed at defending vital businesses, in response to growing concerns about U.S. and Chinese technology.
Bloomberg

The Shellshock vulnerability is dangerous because it can be exploited to remotely execute code on affected machines, which could lead to malware injections, data theft and server hijacking.
Security Week

Banks must now contend with a new type of cyber crime called vishing, which is similar to phishing but aims to trick people out of their money using someone's voice instead of an email.
Financial Times

Average cybercrime costs for U.S. companies have risen almost 10 percent from last year, according to a new report.
Politico Pro

The Obama administration hopes the growth of cyber insurance will encourage companies to improve cybersecurity practices.
Politico Pro

LONDON: Airline bosses ignore cyber security concerns at their peril, and must ensure that thorough mitigation plans are in place to deal with potential hacking of their systems, as aircraft move ever closer to becoming fully e-enabled. This was the warning given to the industry by Boeing’s chief engineer cabin and network solutions, John Craig, during Aircraft Commerce magazine’s recent Aircraft e-Enablement conference in London.
Runway Girl Network

Yahoo has fixed a bug in their system which was initially discovered by hackers who were attempting to exploit the Shellshock bug on the company’s network. According to a report, Yahoo made a statement issuing the attack.
Security Today

Kaspersky Lab performed a forensic investigation into cybercriminal attacks targeting multiple ATMs around the world. During the course of this investigation, researchers discovered the Tyupkin malware used to infect ATMs and allow attackers to remove money via direct manipulation, stealing millions of dollars.
Help Net Security

Out of sheer necessity, sports security has been evolving rapidly since the Boston Marathon bombing, and most sports security professionals refer to that particular event as a turning point.
Security Magazine

Interpol Warns Attacks Could Spread Worldwide. Criminals have infected at least 50 ATMs in Eastern Europe, including Russia, with malware that enables them to drain ATMs of their cash via "jackpotting" attacks, netting attackers millions of dollars.
Data Breach Today

DALLAS—The Liberian man who was diagnosed with Ebola in Dallas, the first case of the deadly disease in the U.S., died on Wednesday morning, the hospital treating him announced.
Wall Street Journal

The FBI has released a study of 160 active shooter incidents that occurred between 2000 and 2013 throughout the U.S.

The FBI’s Next Generation Identification (NGI) system that we spoke about in April is fully operational and includes a controversial feature known as Interstate Photo System (IPS).
Security Today

DHS identified transportation systems as one of 16 critical infrastructures to nation's supply chain and cargo theft as a constant threat to stability.
Security Today

China's military hacked into computer networks of civilian transportation companies hired by the Pentagon at least nine times, breaking into computers aboard a commercial ship, targeting logistics companies and uploading malicious software onto an airline's computers, Senate investigators said Wednesday.
Security InfoWatch

Home Depot says an estimated 56 million payment cards were exposed in the data breach at its U.S. and Canadian stores.
Data Breach Today

The bulk of mobile applications (75 percent) will fail basic security tests over the next 15 months or so – through the end of 2015 – leaving businesses vulnerable to attack and violations of their security policies, according to a report from Gartner.
SC Magazine

On August 11, 2014, OSHA fined Brooklyn-based Brookdale University Hospital and Medical Center $78,000 because of dozens of incidents in which patients and visitors assaulted employees, one of which left a nurse with severe brain injuries.
Threat Assessment Group (TAG, Inc.)

Some of the comments that Help Net Security received from the security community on Apple's Apple Pay, a new category of service that works with iPhone 6 and iPhone 6 Plus through a NFC antenna design, a dedicated chip called the Secure Element, and the security and convenience of Touch ID.
Help Net Security

Home Depot is the latest retailer to begin investigating a possible data breach.
SC Magazine

California regulators want PG&E Corp.’s utility to pay $1.4 billion in fines and penalties over a fatal natural gas pipeline explosion in San Bruno, California.
Wall Street Journal

Apple confirmed that stolen and leaked private photos of several celebrities were not due to a breach in its iCloud nor Find my iPhone services.
Dark Reading

An electrical substation near San Jose, Calif., that was the target of a sniper attack that caused $15 million worth of damage and destroyed 17 transformers last April, experienced a new security breach on Wednesday that saw burglars cutting through the fence line to steal construction equipment.
NBC Bay Area

A breach at US Investigations Services (USIS) this month exposed the background-check records of 25,000 Department of Homeland Security staffers, including undercover investigators.
Dark Reading

Metropolitan Corporate Counsel recently sat down with National Association of Corporate Directors (NACD) Director of Research Robyn Bew to discuss how cybersecurity is a current area of focus for the association.
Metropolitan Corporate Counsel

The U.S. Department of Homeland Security was directed by President Obama last year to launch a program to share classified and unclassified cybersecurity data to 16 critical infrastructure sectors.
Government Technology

South Africa has become the world capital of illegal gold mining, with tens of thousands of former miners wandering abandoned mine shafts, risking injury, death, or arrest to look for the precious metal.
Wall Street Journal

The Homeland Security Department is seeking input on developing better security standards for high-risk chemical plants.
FierceHomelandSecurity

One in five manufacturing firms in a recent survey reported a loss of intellectual property in a cyberattack in the past year due such things as malware, software vulnerabilities, and information leaked on mobile devices.
ComputerWeekly.com

A key to reducing cyber crime is getting victims - often major corporations - to cooperate with authorities, two top federal law enforcement officials said on Wednesday during visits to Pittsburgh.
Trib Live News

In this podcast recorded at Black Hat USA 2014, Rick Howard, CSO at Palo Alto Networks, talks about the role of the CSO and how it's fundamentally changing.
Help Net Security

While some may be suffering from “breach fatigue” and becoming jaded, it’s more important than ever to take cyber threats seriously.
Help Net Security

According to a report, hackers have stolen personal information belonging to patients who received treatment at several Central Florida hospitals.
Security Today

More than 50 of The UPS Store's U.S. locations were found to have malware on their computer systems, and in some cases, it's been present since mid-January.
SC Magazine

The World Customs Organization's (WCO) Illicit Trade Report finds that illicit pharmaceutical products made up more than three quarters of the contraband that was intercepted by customs enforcement agencies around the world last year.
HSToday.US

Law enforcement in the Chinese city of Wuxi have broken up a counterfeiting ring that sold fake Dow Corning silicone sealant.
Security Magazine

A survey found that most C-suite executives blame chief information security officers for cyber security lapses, but a significant portion of CIOs and others say CISOs should not be held accountable for cyber security purchasing decisions.
Bloomberg BNA

A report by the Washington-based Congressional Research Service said the U.S. electric grid may be vulnerable to a terrorist attack, and the Federal Energy Regulatory Commission has proposed regulations to protect the grid, largely prompted by last year's armed attack that took out high-voltage transformers in California.
Business Insurance

Defense Department contractors are preparing for new regulations mandating they report data breaches to the Pentagon and subsequently provide the government access to their networks.
Bloomberg

Thycotic has released the results of a survey that provided some rare insight into the beliefs and motivations of hackers.
Help Net Security

Ferguson, Mo., is the latest U.S. city to become the target of hacktivists linked to the Anonymous hacker collective.
The Wall Street Journal

Organizations that pay attention to the red flags that appear during the planning stages of insider threats such as trade secret theft, workplace shootings, and the sabotaging of information systems may be able to prevent these threats from being perpetrated.
Wall Street Journal

U.S. Defense Advanced Research Project Agency (DARPA) program manager Randy Garrett warns the advent of the Internet of Things (IoT) will create a large number of new threat vectors that could be exploited by malicious hackers.
CIO

Experienced risk professionals know that in the real world, claims and losses are inevitable. After all, it’s called Risk Management, not Risk Avoidance.
Risk and Insurance

The frequency of cyber breaches, the reputational and financial effects of breaches, and their prevalence have become manifest.
idaho Business Review

After a research of more than seven months, a security company from the United States discovered that a Russian cyber gang managed to collect 1.2 billion unique credentials from more than 420,000 websites and FTP locations.

A new point-of-sale malware strain known as Backoff has been linked to numerous remote-access attacks, putting small merchants at greatest risk, according to an alert from federal authorities.
Bank Info Security

A new survey of U.S. law enforcement entities by the National Consortium for the Study of Terrorism and Responses to Terrorism (START) finds that the sovereign citizens movement is seen as the leading threat to U.S. communities, ahead of both Islamist extremists and militia/patriot groups
RT

The market for Internet of Things devices is estimated to reach $1 trillion by 2020, when 26 billion units are expected to comprise the IoT. However, HP Security Research says 70 percent of today's 10 most popular types of IoT smart devices are vulnerable to being hacked or compromised, and each device has about 25 vulnerabilities.
Computerworld

A company that performs background checks for the U.S. Department of Homeland Security said on Wednesday it was the victim of a cyber attack, adding in a statement that "it has all the markings of a state-sponsored attack."
Reuters

It's a case of a security tool harboring security vulnerabilities: A pair of researchers has discovered multiple flaws in commercial and open-source data loss prevention (DLP) products.
InformationWeek

Council Offers Best Practices to Prevent Payments Breaches
Data Breach Today

Joshua Rogers, a teenage whitehat based in Australia, has found an extremely simple way to bypass PayPal's two-factor authentication feature.
Help Net Security

Traffic control systems used in the U.S. and other countries can be hacked to cause significant traffic problems, or can even be “bricked” to cause millions of dollars in damages to infrastructure.
SC Magazine

A Dutch digital security company, announced plans to acquire U.S.-based SafeNet for $890 million.
SC Magazine

Based on our interactions with many security practitioners, the following is a snapshot of what we see trending from December 2013-May 2014.
SEC

Scientists predict the probability of a massive solar storm striking the Earth in the next decade to be 12 percent. The 23 July 2012 solar storm was pointed away from Earth and blasted safely into space, but had it been directed towards Earth, it would have produced the worst geomagnetic storm in more than four centuries, causing extensive electricity problems that could take years to resolve.
Homeland Security Newswire

The Georgia Tech Research Institute (GTRI) developed the open source system called BlackForest, which will complement the institute's malware and spear-phishing intelligence systems.
NetworkWorld

A report from the Senate Homeland Security Committee's Republican staffers has concluded that the Chemical Facility Anti-Terrorism Standards (CFATS) program is a failure and that it is not helping to protect the U.S. from a chemical terrorist attack.
Wall Street Journal

http://www.hstoday.us/briefings/industry-news/single-article/rising-cargo-thefts-prompt-new-security-solutions/2b7831973e958832bdd262fe62d6bb41.html
Homeland Security Today

The seed company Monsanto is one of a number of companies that face serious threats from hackers, according to Fontbonne University cybersecurity professor Al Carlson.
CBS St. Louis

A new report from the Center for a New American Security diagnoses some of the cybersecurity challenges facing the U.S. government and offers possible ways of addressing those challenges.
Homeland Security Today

IT security professionals around the world are facing challenges in their efforts to protect against advanced persistent threats (APTs) that use advanced evasion techniques (AETs) to hide their presence within a network, according to a new McAfee survey.
Tech Republic

The responses to a recent Ponemon Institute survey of 4,881 IT and security professionals offer a glimpse into the state of cybersecurity efforts at companies around the world.
Network World

The growing use of smart-grid technology and the integration of more devices into the nation's electric system could complicate efforts to secure the nation's electric grid, according to a report by the nonpartisan policy organization the Center for the Study of the Presidency and Congress.
Fierce Homeland Security

Researchers at the Hungary-based Laboratory of Cryptography and System Security have uncovered Duqu, an unusual form of steganography-based malware that embeds itself in Microsoft Windows machines, gathers information about industrial control systems, and then transmits it to its command-and-controlcenter.
Technology Review

ISACA's Robert Stroud says one of the best ways enterprises can defend themselves against advanced persistent threats (APTs) is to develop and aggressively vet planned responses to APTs in the same way they create and vet business continuity plans.
GovInfoSecurity.com

Illinois Gov. Pat Quinn has signed a law requiring employers to evaluate a job applicant's skills before inquiring about criminal history.
Progress Illinois

According to industry estimates, botnets have caused over $9 billion in losses to US victims and over $110 billion in losses globally.
Help Net Security

A survey of IT security professionals revealed that most individuals stick to a infrequent schedule for updating privileged credentials.
SC Magazine

Sony has agreed to a $15 million preliminary settlement in hopes of quashing even heftier costs associated with its massive PlayStation Network hack three years ago.
SC Magazine

A new impersonation scheme is taking aim at business executives to perpetuate ACH and wire fraud, says Bank of the West's David Pollino, who explains steps institutions should take now to protect their customers.
Data Breach Today

In a 20-page ruling, U.S. District Judge Elaine Bucklo says the six plaintiffs named in the consolidated suits failed to prove that they suffered "actual economic damage" as a result of using their credit and debit cards at Michaels during the time of the breach.
Data Breach Today

A federal judge has denied Target's motion to halt the discovery process in the class action lawsuits filed against the retailer in the wake of its December 2013 data breach.
Data Breach Today

Pennsylvania Psychiatric Society and Pennsylvania Medical Society officials Friday expressed sympathy and offered advice for those affected by Thursday’s shootings at Mercy Fitzgerald Hospital’s Sister Marie Lenahan Wellness Center that resulted in the death of a caseworker, the wounding of a psychiatrist and the critical injury of a psychiatric patient who is the suspected perpetrator.
Daily Times News

Exploits can expose software and security systems, researchers warn, helping hackers attack remote machines undetected
The Guardian

A U.S. House subcommittee held a hearing July 16 that focused on the recent problems at government-run labs associated with the handling of dangerous microbes, such as anthrax and smallpox.
Wall Street Journal

The St. Petersburg, Fla., City Council is debating whether or not to allow businesses to install electrified fences in parts of the city. The city council was divided on matters of safety and security for businesses.
Security InfoWatch

Google announced July 15 that it will launch a new cybersecurity research effort called Project Zero. The project is intended to improve security throughout the Internet and reduce the number of people affected by cyberattacks.
Wall Street Journal

Although 86 percent of executives are aware of legal requirements surrounding confidential data, 20 percent never performed a security audit, according to a new survey of small-business owners and c-suite executives by Shred-It.
Help Net Security

The SEC has opened investigations of multiple companies in recent months examining whether they properly handled and disclosed cyberattacks. The focus is on whether the companies adequately guarded data and informed investors about the breaches, say insiders
Bloomberg

The U.S. energy market, particularly for oil and natural gas, is expected to grow significantly in the coming years, providing an excellent opportunity for security professionals to help protect production and processing facilities
Security Today

NIST has been sending delegations around the world to discuss its framework describing how governments and commercial sectors can collaborate to respond to cyberthreats.
FCW

A recent Ponemon Institute survey of 1,587 IT professionals responsible for protecting sensitive or confidential structured and unstructured data has found a lack of knowledge about where such data resides is their biggest security concern.
eWeek

New research suggests that just 3 percent of information technology leaders at utilities and other critical infrastructure businesses believe security standards and rules can reduce threats to the systems running their operations.
Nextgov

An electromagnetic pulse (EMP) event could potentially wipe out 90 percent of the U.S. population if the resulting blackout lasted longer than a year, warns Dr. Peter Pry, executive director of the Task Force on National and Homeland Security. "
Security InfoWatch

CHINESE HACKERS PURSUE KEY DATA ON U.S. GOVERNMENT WORKERS
The New York Times

In its third study on unencrypted card data, SecurityMetrics found that 63.86% of businesses store the unencrypted 16-digit sequence on the front of credit cards, also known as the Primary Account Number (PAN)
Help Net Security

The hundreds of cyberattacks against U.S. banks and other institutions in recent years represent a targeted attempt to more broadly disrupt the U.S. financial system, Treasury Secretary Jack Lew said on Wednesday.
Reuters

The Alliance of Automobile Manufacturers and the Association of Global Automakers today officially announced plans to address growing concerns over security weaknesses and vulnerabilities in new and evolving vehicle automation and networking features that could put cars at risk for nefarious hacking. The industry is in the process of forming a voluntary mechanism for sharing intelligence on security threats and vulnerabilities in car electronics and in-vehicle data networks -- likely via an Auto-ISAC (Information Sharing and Analysis Center), the officials say.
Dark Reading

As Windows software vulnerabilities have gradually decreased in the wake of Microsoft's secure development lifecycle approach to writing code, the bad guys have been forced to raise the bar and get more creative. Enter ransomware, a nasty form of malware that not only infects your machine but also locks you out of it -- and in many cases, encrypts the data so you can't retrieve it.
Dark Reading

Small merchants are less willing to handle transactions involving credit card or personal consumer data because of cybersecurity and cost issues, and are turning to third-party payment services.
Network World

The responses to a recent Ponemon Institute survey of 4,881 IT and security professionals offer a glimpse into the state of cybersecurity efforts at companies around the world.
Network World

Pennsylvania State University (PSU) researchers performed experiments examining how people with high-status job assignments assessed security and privacy and how impulsive or patient they were in making decisions.
Penn State News

A survey of Certified Fraud Examiners (CFEs) found that companies around the world lose about 5 percent of their annual revenues to occupational fraud.
Security Magazine

....I believe that there is a tremendous groundswell of new mindsets and talent being developed below all the bad press of gaming systems, iPhones and other technologies. I observe my son and his friends interacting globally and suddenly realize that essentially, this interconnected network of geographically dispersed teens entertaining themselves within graphically represented processes could most likely become the way we work in the near future.
Industry Week

Three Chinese nationals seeking to make "big bucks" broke into the computers of Boeing and other military contractors, stealing secrets on transport aircraft, a U.S. criminal complaint says.
Info Risk

This is an abbreviated portion of the Security Executive Council's strategic planning process that can be used to assist in building your security strategic plan.
SEC

Have you ever sold an old smartphone on eBay? You might be interested to know that the apps, photos and even Google searches on your phone can still be recovered — even if you performed a factory reset.
Mashable

The Senate Select Committee on Intelligence voted Tuesday to approve a controversial cybersecurity bill known as the Cyber Information Sharing Act (CISA).
Forbes

The Chinese government, which already maintains tight restrictions on the country’s media, has issued new warnings to local journalists not to cooperate with foreign news agencies.
Sinosphere

Chinese hackers in March broke into the computer networks of the United States government agency that houses the personal information of all federal employees, according to senior American officials.
New York Times

Wall Street’s biggest trade group has proposed a government-industry cyber war council to stave off terrorist attacks that could trigger financial panic by temporarily wiping out account balances, according to an internal document.
BloombergBusinessweek

Small and medium-sized businesses may think they're immune to the kinds of attacks that wreaked havoc on Target last year, but they're susceptible to the same nefarious forces – sometimes even more so, as they can lead hackers to a bigger prize.
CIO

On Tuesday, the U.S. House of Representatives passed a quartet of homeland security bills focusing on the security of chemical plants, emergency communications, and border security.
Homeland Security Today

Eight European nations on Tuesday agreed to enhance surveillance of Europeans who went to Syria, or are at risk of going, to fight with Islamic extremists in the civil war.
Wall Street Journal

Researchers at Context Information Security have identified a security vulnerability affecting a brand of Wi-Fi-enabled energy efficient light-emitting diode (LED) light bulb made by LIFX.
Help Net Security

Cybersecurity experts say that the addition of renewable energy sources such as solar and wind along with the move towards smart meters are creating new cybersecurity vulnerabilities for the electric grid in the U.S. and some other countries.
Bloomberg

FBI agents in Des Moines, Iowa, on July 1 arrested a Chinese woman who allegedly conspired to steal trade secrets from seed corn companies in the U.S.
AP

The American Petroleum Institute recently announced that it has established the Oil and Natural Gas Information Sharing and Analysis Center, in which cybersecurity experts will analyze malicious software attacks on networks used to run energy infrastructure such as offshore rigs, refineries, and pipelines.
Security InfoWatch

Corporate boards are waking to cyberthreats, grappling with security issues they once relegated to technology experts.
Wall Street Journal

Outsourcing providers may promote themselves as trusted partners to their clients, but when it comes to cybersecurity risk, financial services firms would be wise to treat them as an extension of their own business.
FinOps Report

Security researchers have discovered a way to bypass the two-factor authentication in PayPal's iOs and Android apps.
Dark Reading

High-profile retail data breaches, the discovery of the Heartbleed vulnerability, and a slate of regulatory developments have made cybersecurity a top priority for board and audit committees.
Wall Street Journal

Samsung Electronics reports that its insurance will cover most of the costs associated with Monday's theft of truckloads of merchandise from its factory in Campinas, Brazil.
Bloomberg

The 2014 HireRight Employment Screening Benchmark Report has found that 72 percent of security and HR professionals had found concerns related to applicants or employees using thorough background checks.
Security InfoWatch

Cybercriminals have infiltrated Brazil's Boleto Bancário online payment system to steal potentially billions of dollars, according to RSA. Nearly 200,000 computers in Brazil have been infected in order get access to payment vouchers with an estimated value of $3.75 billion, RSA has determined
eWeek

Blackphone is the first smartphone built with the user’s privacy as its core mandate.
Forbes

New research from Symantec spots US and Western European energy interests in the bull's eye, but the campaign could encompass more than just utilities.
InformationWeek

The hacktivist group Anonymous, in its latest posting, is threatening the "loved ones" of supporters of a Senate cyberthreat information sharing bill that critics contend weakens privacy protections.
GovInfoSecurity.com

Reflecting how all international conflicts now have some digital component, NATO has updated its cyber defence policy to make it clear that a cyber attack can be treated as the equivalent of an attack with conventional weapons.
ZDNet

In an 11-story office building in the Washington suburbs, hundreds of U.S. cybersecurity analysts work around the clock to foil hackers.
BloombergBusinessweek

According to the National Center for Education Statistics, in 2011 the highest percentages of students most afraid of an attack or being harmed while at school were children between the ages of 12-18.
Security InfoWatch

Efforts to patch servers vulnerable to the Heartbleed bug have more or less ceased, according to Errata Security's Robert Graham. Graham had previously performed two scans of servers over 443 since Heartbleed was discovered in April. In
PC World

Hackers disrupted high-speed trading at a large unnamed hedge fund and rerouted data that might be used to make money in rogue stock-market transactions, said Paul Henninger, global product director for BAE Systems Applied Intelligence
Bloomberg

The U.S. Ambassador to China, Max Baucus, said June 25 that the cyber theft of trade secrets by state actors in China has become a major threat to the U.S. economy and national security
Bloomberg

One in four consumers worldwide have been the victim of card fraud in the last five years, according to a survey of consumers in 20 countries by ACI Worldwide and the Aite Group
Help Net Security

There will be 5.5 billion worldwide users of mobile and wearable biometric technology by 2019, according to a new Goode Intelligence report.
Biometric Update

The Occupational Safety and Health Administration estimates that about two million U.S. workers are victims of workplace violence each year and about 10 percent of workplace fatalities are homicides.
Tallahassee Democrat

Officials say hackers gained access to a computer server tied to the Montana Department of Public Health and Human Services in early May, potentially exposing the data of patients, agency employees, and contractors.
Reuters

Gartner analysts who spoke at the organization's recent Security and Risk Management Summit say there are several trends that will change the way IT security is practiced.
Network World

A May 2014 research study by idRADAR found that risk managers typically know consumers are concerned with security, but at the same time consumers are not active in adopting strong practices to safeguard their online privacy and security.
Portals and Rails

Organizations are taking some novel approaches to addressing the threat from increasingly sophisticated cyberattackers who seek to steal their sensitive information.
New York Times

The Department of Homeland Security (DHS) on June 25 reported that it is currently investigating whether the Havex Trojan may have been used in earlier breaches in critical infrastructure
Wall Street Journal

The California electricity provider PG&E said June 18 that it plans to spend $100 million over the next three years on security improvements at an unspecified number of substations.
Contra Costa Times

The explosion occurred only a day after the Russian energy company Gazprom announced that it would be cutting off natural gas supplies to Ukraine due to a dispute regarding pricing.
New York Times

Bob, the first robotic security guard in the United Kingdom, is helping G4S to help secure its headquarters in Gloucestershire. When the metal minder spots something out of place, he stores the information on his internal hard-drive and quickly reports it to his human counterparts.
Daily Mail

Malicious hackers could potentially exploit a new vulnerability in OpenSSL to decrypt and modify traffic to and from some of the most popular websites, according to experts.
IDG News Service

A recent survey conducted by the Risk and Insurance Management Society (RIMS) and Marsh LLC found the following top risks in 2014 as determined by the C-Suite respondents compared to risk professional respondents:
SEC

To help make response time even quicker, reducing the amount of time it takes to respond to a threat, Microsoft launched Interflow, a security and threat information exchange platform that allows quick communication between cybersecurity professionals who respond to cyber threats, hoping to give security professionals an edge.
Security Today

Legislation aimed at modernizing the 12-year-old Federal Information Security Management Act (FISMA) has passed a vote by the Senate Homeland Security and Governmental Affairs Committee on June 25 and is headed to the Senate floor.
SC Magazine

Increased Security Risks At Nnsa Sites, Says New GAO Audit Report Despite the implementation of security reforms at US nuclear weapons and research and development facilities from 2009 to 2012 that “generally varied among National Nuclear Security Administration (NNSA) sites … some of these efforts helped manage security costs and enhance productivity … but may also have increased security risks and reduced security performance at the Y-12 National Security Complex (Y-12) in Tennessee and other NNSA sites, depending on how the sites implemented the reforms,” a new government audit report said.
HSToday.US

The Centers for Disease Control and Prevention says some of its staff in Atlanta may have been accidentally exposed to dangerous anthrax bacteria because of a safety problem at one of its labs.
Continuity Insights

Security Executive Counsil

The biggest security concern for small businesses is undetected malware, according to a survey – conducted by CSID and Research Now – of 505 owners of U.S. companies with one to 99 employees.
SC Magazine

Twitter said Wednesday it fixed a security vulnerability in its TweetDeck application and turned the service back on following a breach that affected users for a few hours.
Wall Street Joutnal

P.F. Chang's China Bistro said there has been a breach involving data from customers' credit and debit cards used at its restaurants, confirming a report out earlier last week.
USA Today

Today’s news that 600,000 customer records have been stolen from Domino’s France and Belgium yet again raises questions about just how seriously large corporations and big brands are taking data protection.
Help Net Security

The “riskiest” pages to visit in 2013 were technology websites, according to data from users of Norton Web Safe, which monitors billions of traffic requests and millions of software downloads per day.
SC Magazine

A class-action complaint has been filed by Kraemer, Manes & Associates LLC and Carlson Lynch LTD against Paytime, a Pennsylvania-based payroll company that experienced a massive data breach in April.
SC Magazine

Even though organizations may have all of the bells and whistles needed in their data security arsenal, it's the human element that continues to fuel cyber incidents occurring, according to one recent study.
SC Magazine

An undisclosed number of AT&T wireless customers has had their accounts broken into, exposing sensitive personal data including Social Security numbers and dates of birth, according to the company.
The Columbus Dispatch

Sen. Al Franken (D-Minn.) will hold a hearing next week on “stalking apps,” which can secretly track people through their smartphones.
The Hill

As the United States continues to reduce its formal military presence in the war on terror, the administration plans to rely more on financial tools to aid counterterrorism efforts, says Treasury Undersecretary for Terrorism and Financial Intelligence David Cohen.
Wall Street Journal

A new study examining the progress of the Department of Homeland Security’s (DHS) Continuous Diagnostics Mitigation (DHS-CDM) program, which standardizes security monitoring across the federal government, indicated that while implementation of CDM has been impressive so far, federal security managers are anxious to pick up the pace.
Homeland Security Today

The Supply Chain and Information Sharing and Analysis Center (ISAC) has released its 2013 Cargo Theft report, which shows a drop in the total number of reported cargo thefts for the first time since 2005.
Security Today

A Memorandum of Understanding has been signed by ONVIF and the Security Industry Association (SIA), under which the two will work cooperatively toward the development of Internet Protocol-based interoperability standards in access control.
Security Today

Two polls of the senior IT security executives who attended Courion's recent annual user conference found that cyberattacks carried out by insiders are common at some organizations, and executives are finding it difficult to reduce the threat of such attacks.
Help Net Security

The U.S. National Science Foundation (NSF) Directorate for Education and Human Resources and Directorate for Computer and Information Science and Engineering have released a Dear Colleague Letter announcing interest in using Early Concept Grants for Exploratory Research (EAGERs) to foster collaboration between the cybersecurity research and computing education research communities.
CCC Blog

Obtaining funding for security projects can be difficult, but if security managers learn how to present a strong and interesting business case, they can improve their chances of having their funding request approved.
Security Management

A study by Michigan State University criminologists that was published in Security Journal has found that many states lack adequate training standards for security guards.
MSU Today

Researchers at North Carolina State University (NCSU) and the University of North Carolina, Chapel Hill have developed a prototype software-based system that would coordinate the activity of networked computers during a cyber attack.
CSO Online

New data from BitSight Technologies shows that major electric utilities rank as among the most secure organizations.
Dark Reading

Even after the Heartbleed bug, some of the most popular websites aren't taking password security seriously, according to a study. More than 80 percent of websites that were examined had subpar password security standards, according to Dashlane's Password Security Roundup report.
CNBC

On May 6, Florida-based Baptist Health System Inc. was the latest in a long line of organizations to resolve a federal lawsuit accusing it of violating the False Claims Act (FCA).
Risk & Insurance

The business environment is becoming riskier, and companies don’t feel they are prepared to manage the risks they believe are the most serious.
Risk Network

At a recent Senate Committee on Homeland Security and Governmental Affairs hearing, the Department of Homeland Security (DHS) reported it has taken steps to speed the process of completing the reviews of the approximately 3,120 chemical facility security plans.
Homeland Security Today

The number of reports of cyber incidents the Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team responded to nearly doubled last year from 2012, but critical infrastructure companies remain reluctant to spend the money needed to upgrade their aging equipment.The number of reports of cyber incidents the Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team responded to nearly doubled last year from 2012, but critical infrastructure companies remain reluctant to spend the money needed to upgrade their aging equipment.
Insurance Journal

Even after the Heartbleed bug, some of the most popular websites aren't taking password security seriously, according to a study.
CNBC

Security experts believe that the next national security crisis will be related to the growing security talent gap, which could potentially leave companies at risk of losing the battle against online criminals because they will not have the manpower to handle attacks.
Security

During the National Venture Capital Association's annual meeting on May 14, a panel of cybersecurity experts commented that tech companies in Silicon Valley are under frequent attack from foreign countries and groups looking to take advantage of potential vulnerabilities.
Wall Street Journal

Hackers operating on the Internet's "Dark Web" are spreading a new, more sophisticated generation of the malicious software known as "ransomware," anonymously shaking down anyone with an unprotected computer, from lawyers and cops to small businesses.
USA Today

A computer hacker once told a congressional committee that he could take out the entire Internet in a half-hour. That was back when the World Wide Web was in its infancy and Google didn't even exist yet.
Stars and Stripes

The Federal Bureau of Investigation will aggressively crack down on cyber crime over the next few weeks, with a bureau official advising the public to anticipate indictments, searches, and multiple arrests
Reuters

The US Retail Industry Leaders Association (RILA), along with several of America's most recognized retail brands, launched the Retail Cyber Intelligence Sharing Center (R-CISC).
Net Security

A Department of Justice proposal would make it easier for FBI investigators to hack into remote devices that have had their location purposefully obscured or that are acting as part of a botnet.
Dark Reading

Consumers rank data breaches and poor customer service high in their effects on brand perception.
Dark Reading

The government's standards-making body on Tuesday announced guidelines for agency technologists and industry engineers on how to bake security into critical systems.
Nextgov

The National Institute of Standards and Technology (NIST) has issued for public review and comment a proposed major update to its Guide to Industrial Control Systems (ICS) Security
NIST

Federal utility regulators and electric utility industry safety groups are increasingly aware of how vulnerable the national electric grids are to cyberattack, but the state commissions that regulate local utilities have responded to the growing risks slowly.
Homeland Security News Wire

In order to protect Chemical-terrorism Vulnerability Information (CVI), the Department of Homeland Security (DHS) established rules for determining what qualifies as CVI, who has access to CVI, how it must be protected, stored, and transmitted.
Israel Foreign Affairs

Orlando, Fla., startup TapShield LLC has designed a mobile app that draws on cloud-based computing, GPS, and social media to connect users to campus security at colleges and universities.
Orlando Sentinel

A recent study by the Ponemon Institute has found that 63 percent of IT security professionals have concerns about their ability to prevent data theft due to shortcomings in their current security systems.
Computer Weekly

One-third of consumers stop shopping at retailers that have been breached, and 24 percent of consumers say they will leave banks or credit card companies that have been breached, according to a Javelin Strategy & Research survey.
Dark Reading

The U.S. Federal Reserve's first line of defense against cyberattacks is the National Incident Response Team (NIRT), which includes about 100 closely monitored employees who sift through the Fed's networks daily looking for indications of hacking.
Foreign Policy

The Internet of Things will catalyze a major paradigm change in IT security on a scale even larger than the shift to mobile, according to a new analysis by Gartner.
Computerworld

Limiting data breaches is complicated by myriad state and territorial laws with different breach notification requirements, incomplete notification disclosures, and suspicions that breaches are underreported or even not disclosed at all, writes the Atlanta Fed's David Lott.
Portals and Rails

Derek Conz, the security team leader at Heartland Regional Medical Center in Missouri, says that 13 security guards will be authorized to carry and use a .9-millimeter pistol during patrol duty on the hospital's campus beginning May 1
St. Joseph News-Press

Baptist Health Care Network is the largest, non-governmental employer in northwest Florida, with employees and physicians totaling more than 6,000.
Security Today

Officials from the Department of Homeland Security (DHS), the State Department, the FBI, and the National Counterintelligence Directorate said that Israel goes to far in its efforts to spy on the United States.
Homeland Security News Wire

Cybersecurity experts are warning organizations about the threat from cyberattacks that use offensive forensics techniques to steal data stored in a computer's memory.
CSO Online

Last week, we shared the scary news that a ring of tax refund fraudsters appeared to have filed tax returns on behalf of hundreds of doctors and other health care professionals, harvesting their refunds.
Consumerist

Ponemon Institute report shows more encryption across cloud environments, but only a modest increase over the years.
InfoWorld

At a keynote speech in Washington last month, former CIA director Leon E. Panetta warned that cyberspace is the "battlefield of the future."
The Washington Post

Phishing attacks targeting telecommunication companies' customers, which result in account takeovers, are on the rise, according to the Federal Bureau of Investigation and the Internet Crime Complaint Center.
Bank info Security

The schemes involve using automated telephone calls, or vishing, and SMS texts, or smishing, to lure customers to phishing sites that replicate telecommunication companies' sites, requesting the victims' log-in credentials and the last four digits of their Social Security numbers.
FBI

Engineers at the security company discovered on April 4 the flaw in the cryptographic protocol OpenSSL and christened it the Heartbleed bug (see: Heartbeat Bug: What You Need to Know).
Bank info Security

Read an excerpt from the 2014 Data Breach Investigations Report.
Verizon

Cybersecurity frameworks, supply chain risks and malicious insiders - these are among 2014's hot topics, according to Alan Brill, senior managing director at Kroll Advisory Solutions.
Bank info Security

From the National Cybersecurity and Communications Integration Center (NCCIC): Threats, to include sabotage, theft, espionage, fraud, and competitive advantage continue to materialize from those considered to be insiders of an organization.
US Department of Homeland Security

Cyberattacks on computer networks around the world reached 1.7 billion in 2013, up from 1.6 billion in 2012.
Homeland Security News Wire

Earlier this year, Wired.co.uk wrote about Google's invention of a smart contact lens that could monitor blood glucose levels through tear fluid. Now, the tech giant has invented another pair of lenses with an in-built camera.
wired.com.uk

Each year, the Internet Security Forum, a nonprofit association that researches and analyzes security and risk management issues, releases its 'Threat Horizon' report to provide members with a forward-looking view of the biggest security threats over a two-year horizon. Here are the top 10 threats through 2016.
CIO

Critics say that the North American Electric Reliability Corp.'s proposed rules for protecting the power grid are not strong enough, partly because they do not include specific suggestions made by federal regulators following the 2013 attack on a substation near San Jose, Calif.
Wall Street Journal

While more than $35 million of goods are stolen from U.S. retailers every day — costing businesses more than $13 billion a year — external theft is just one of a host of security threats businesses face
South Coast Today

The U.S. Federal Emergency Management Agency announced a three-year, $800,000 grant to several universities to research ways to prepare for, detect, and respond to cyberattacks.
Network World

Eighteen percent of U.S. adults with Internet access say their personal information was stolen in a data breach, according to a Pew Research Center survey, up from 11 percent in July.
Washington Post

The nation's largest financial institution, JPMorgan Chase, is taking an appropriate leadership role by describing how it's ramping up its security efforts, say analysts, who assess the bank's plans for three cybersecurity centers.
Bank info Security

Mobile applications can be as vulnerable to the Heartbleed bug as websites, warns security vendor Trend Micro.
Bank info Security

The National Retail Federation (NRF), the world’s largest retail trade association, has announced plans to create a retail and merchant industry information sharing and analysis center that will help companies deal with cyber threats.
Softpedia

The Heartbleed security flaw was fixed in the newest version of OpenSSL, but you should still change your passwords on all of the sites affected by the bug.
VB News

Heartbleed, the massive flaw in web encryption recently made public, is just one of the unending stream of vulnerabilities that enables hackers to steal personal details and passwords from companies with which you do business.
Forbes

BitSight, a company that collects large quantities of data every day from sensors located in public servers and from partners, recently conducted a cyber vulnerability survey for KKR that examined the levels of cyber risk for 75 of the private equity firm's portfolio companies.
Wall Street Journal

A new survey commissioned by ADT has found that only a third of small- and medium-sized retailers have complete confidence in their current security systems.
Security Director News

Sharing data between companies about cybersecurity threats will not cause antitrust concerns, according to guidelines issued by the Federal Trade Commission and Justice Department on Thursday.
New York Times

Federal Energy Regulatory Commission (FERC) acting Chairwoman Cheryl LaFleur told lawmakers Thursday that her agency will perform a full review of the chain of custody of all documents following the release of sensitive information about the impact of a physical attack on the nation's electric power grid.
Wall Street Journal

A new EMA survey of employees in government, public and private companies, and nonprofits conducted found a majority still receive no security awareness training whatsoever.
Help New Security

Organizations are generally discovering cybersecurity breaches earlier, and they are increasingly having to turn to outside help to do so, according to a new FireEye report.
Help Net Security

Trove of Software Flaws Used by U.S. Spies at Risk
BloombergBusinessweek

Cindy Fornelli, the executive director of the Center for Audit Quality, writes that deepening collaboration and ensuring effective communications among key players is the key to effectively fighting cybercriminals.
Pulse

The U.S. government and the aviation industry on April 15 launched the Air Domain Intelligence Integration Center and an analysis center, which will be used by government and industry officials to share information on cyber threats.
Wall Street Journal

On 8 and 9 April 2014 law enforcement agencies from across the world, supported by the European Cybercrime Centre (EC3) at Europol, joined forces with the airline, travel and credit card industries in the largest ever attack upon online fraud and illegal immigration.
Europol