As CEO of ForeScout Technologies, which focuses on continuous monitoring of networks, T. Kent Elliott says he has to anticipate the next generation of vulnerabilities. So what's the most significant emerging risk? The Internet of Things.
A breach notification letter sent by Sony Pictures Entertainment to its employees offers a conclusive look at the amount of personal information, including healthcare data, taken by hackers following a Nov. 24 "wiper" malware attack.
Three weeks after attackers launched a wiper malware attack against Sony Pictures Entertainment and began leaking stolen data, Sony has threatened legal action against media outlets that publish related information.
U.S. card issuers and retailers agree tokenization has to be part of the country's EMV migration. But making investments in tokenization won't make sense for merchants until a universal, open standard for tokenization is developed.
A report claiming that Las Vegas Sands Corp. was hit with a "wiper" malware attack back in February, similar to one that recently affected Sony Pictures Entertainment, illustrates why more organizations need to mitigate the risks of such an attack.
The so-called Red October APT gang may have emerged from hiding. Two research firms report finding advanced attacks that target firms across the financial, oil and engineering sectors, as well as government embassies, primarily in Eastern Europe.
Security experts see the FIDO Alliance's release of two universal authentication specifications as a positive move in the effort to eliminate passwords. But the standards' impact will be minimal unless they're widely adopted.
A recent blog post by Managing Editor Mathew J. Schwartz, "Why Are We So Stupid About Passwords?" raised a number of issues about the ongoing risks involved in using passwords for authentication. Read the strong reaction to the commentary and join the conversation.
A new version of the Destover malware includes a legitimate certificate from Sony. But a researcher claims it's a hoax. Meanwhile, new evidence emerges that the hackers who attacked Sony Pictures Entertainment had criminal - not nation-state - intentions.
Security experts are sounding warnings that a flaw known as POODLE, revealed Oct. 14, can now be used to decrypt some Internet communications secured using TLS. Vendors have begun describing workarounds and issuing patches.
The "wiper" malware attack against Sony Pictures Entertainment has numerous commonalities with previous wiper attacks in Saudi Arabia and South Korea. This infographic summarizes the attacks and highlights their similarities.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.