The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
Initial reports suggested that Russian hackers could behind an attack against JPMorgan Chase, and perhaps other U.S. banks. While it's still far from clear who the culprits are, experts discuss the potential hacking motivations of a nation-state.
PeaceHealth, a healthcare system in the Pacific Northwest, has devised a practical way to apply the NIST Cybersecurity Framework to its breach prevention efforts. Learn about the steps involved.
The killing of an unarmed teen by police in Ferguson, Mo., has Anonymous sympathizers disagreeing on Twitter when and how to expose the identity of the shooter.
Federal investigators announced five more arrests this week in connection with a $45 million ATM cash-out and prepaid card fraud scheme. Learn why experts expect these types of crimes to become even more common.
FS-ISAC has issued a white paper with tips on streamlining third-party software risk assessments. One member of a new working group explains why the adoption of standard security controls is so critical.
More than two-thirds of IT security specialists working for the U.S. federal government say their agencies are ill-prepared to adequately defend their IT systems, a new survey reveals.
IT security pros see metrics as a useful tool to validate operational performance. But many organizations' top leaders evaluate security on cost. It's time to bridge that gap.
South Carolina's Revenue Department went nearly a year without a chief information security officer before its tax system was hacked this summer. The agency's chief says the state couldn't find a qualified candidate for the job that pays $100,000 a year.
TD Bank's October breach notification about two backup tapes lost in March is difficult to justify, legal experts say. As a result, the bank could face lawsuits, as well as state fines.
The guidance discusses methods, techniques and best practices for the sanitization of target data on different media types and risk-based approaches organizations can apply to establish and maintain a media sanitization program.
Two hefty fines issued as part of recent HIPAA settlements reveal that the Office for Civil Rights is getting tougher on enforcing compliance - especially when it comes to risk assessments.
FTC settlement agreements in two cases involving data exposed on peer-to-peer networks offer a reminder of the risks involved in using the networks. Social Security numbers, healthcare information and other personal details were exposed.
The online dating website eHarmony has warned a "small fraction" of its users of a June 6 breach that likely exposed hashed passwords. Whether the incident is related to a LinkedIn breach has not been confirmed.
From mobile and the cloud to DDoS attacks and risks surrounding big data, what should banks and credit unions do now to mitigate exposure? Gartner's Anton Chuvakin offers his top recommendations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.