With apologies to Troy Hunt, the last thing you want to see in the morning as you're having your first cup of coffee and scanning the interwebz for cat videos is a notice from his "Have I Been Pwned" breach-alert service.
In the wake of a recent breach of the Singapore Ministry of Defense's I-net system, the ministry has unveiled a cyber defense strategy to help guard against similar attacks. Some 2,600 cyber defenders will be trained.
Hackers have been targeting the likes of AOL and Yahoo, in part, because a certain generation of users - including many senior U.S. officials - continue to use the services to send and store state secrets. Let's make sure future generations don't make similar mistakes.
U.S. prosecutors are expected to soon issue indictments charging four individuals with launching hack attacks against Yahoo, Bloomberg reports. But it's unclear to which of the two massive Yahoo breaches the charges might relate.
FireEye's Mandiant investigative unit is seeing a revival in tried-and-true hacking techniques, ranging from social engineering to the snatching of OAuth tokens. Why are these old techniques still working?
FBI Director James Comey worries about data corruption, and he's focused on hackers altering data. But if government leaders feed false information into computer systems, what should IT and IT security practitioners do to protect data integrity?
IRDAI's draft information and cybersecurity framework developed in collaboration with industry working groups is set to be finalized soon. The draft is fairly comprehensive and will set a serious tone for security at a board level, experts say.
A coding error by Cloudflare exposed data relating to more than 2,500 Singapore websites owned by various organizations in private and public sectors. SingCERT has issued a related security advisory with mitigation steps, but do such alerts prompt action?
In an analysis of Verizon's new Data Breach Digest 2017, Ashish Thapar, the company's APJ managing principal for investigative response, highlights the need to improve the security of the IoT infrastructure and offers breach response insights based on case studies.
New ransomware circulating via BitTorrent is disguised as software that purports to allow Mac users to crack popular Adobe and Microsoft applications. Separately, new ransomware calling itself Trump Locker appears to be the previously spotted VenusLocker ransomware in disguise.
Every year, information security professionals flock to San Francisco for the annual RSA Conference. From the debut of "Trumpcryption" to cybersecurity's "greatest hits" set to hip-hop violin, here are some of the 2017 event's highlights.
The proposed creation of a CERT dedicated to serving India's financial sector is good news. But working out a realistic framework for its activities and defining its role in ensuring stronger security for the sector will prove challenging.
FS-ISAC is collaborating with the Monetary Authority of Singapore to establish the Asia Pacific Regional Intelligence and Analysis Center to encourage regional sharing and analysis of cybersecurity information within the financial services sector. Security experts weigh in on the value of the initiative.
Fighting back against the ransomware epidemic requires making sure that a wide variety of best practices for security hygiene are in place, says Mohit Puri of security vendor Sophos Technologies, who spells out essential steps.
Say hello to Fruitfly, the first piece of Mac malware to be discovered this year. The two-year-old malicious code is odd - it includes code that dates from the late 1990s - and appears to be designed to exploit biomedical institutions via targeted attacks.