Skip the navigation

More Cybercrime and Hacking In Depth

How to protect yourself against privileged user abuse

The typical organization loses 5% of its revenues to fraud by its own employees each year, with most thefts committed by trusted employees in executive management, operations, accounting, sales, customer service or purchasing, according to the Association of Certified Fraud Examiners (ACFE). This type of malicious behavior by "privileged users" who have been given broad access to the company's computer assets has captured the attention of CIOs across the country.

Six ways to prevent a breach like the one at AT&T

A data breach like the one recently reported by AT&T demonstrates that security policies alone are only a paper tiger without the technological teeth to make sure they are enforced, experts say.

'Oleg Pliss' hack makes for a perfect teachable IT moment

Earlier this week, some iOS device owners woke up to discover that "Oleg Pliss" had hacked their iPhones and iPads and locked them up. The hack could have been worse, says Ryan Fass, which is why it's a good lesson in security that IT staffers should use.

U.S. set to charge Chinese military officials with hacking

The U.S. Department of Justice is preparing to charge Chinese military officials with hacking US companies to obtain trade secrets.

Evan Schuman: Killer robots? What could go wrong? Oh, yeah ...

The UN wants to talk about killer robots as 'conventional weapons.' Someone needs to learn the IT facts of life: If something can go wrong, it will.

Ira Winkler: My run-in with the Syrian Electronic Army

The hacker group dedicated to supporting Syria's dictator wasted an attack vector on trying to embarrass the writer. Will the SEA's handlers in the Syrian intelligence services approve of such immaturity?

CIO Discovers the 'Terrifying' Reality of Cloud Apps Running Wild

Rogue cloud services are ripping gaping holes in the security fabric of most companies, putting the CIO in a tough spot. But as the fallout from the Target attack shows, IT and business leaders will go down together if the breach hits the fan.

Evan Schuman: Resurrection of Full Disclosure mailing list is great news, if you're not a cyberthief

The alternatives to an independent list like Full Disclosure can't match it for stopping new cyberattack tactics.

Security Manager's Journal: Stopping vendors from making us a Target

The data breach suffered by Target could make it easier for our manager to make some needed changes in his company's vendor management processes.

The new security perimeter: Human Sensors

Security Manager George Grachis discusses the current cyber threat landscape and why Human Sensors, our users, are our most underutilized resource that can make all the difference

Security Manager's Journal: Thousands of dollars in phone calls? Management hates that.

Problem arose after a consultant made a configuration change, opening up control ports to the Internet, with no authentication required.

Everything You Know About Enterprise Security Is Wrong

Whether you're talking about your network, your company's building or your home, a perimeter approach to security is no longer adequate. As McAfee discussed at this week's RSA Conference, you can't provide physical or electronic security simply by trying to prevent authorized access -- you have to rethink all types to security to protect data and lives.

How to Test the Security Savvy of Your Staff

How do you know your employees retain what you teach them in company-required security awareness training? You don't -- unless you regularly test their security savvy and effectively address their mistakes during post-test follow-up sessions.

McAfee Offers Global Response to Nationalized Malware

In medieval times, kings let barbarians break down the castle gates but made sure they paid the price once they got inside. McAfee's approach to security takes a similar approach -- since data breaches are inevitable, companies should worry less about the perimeter and more on catching the bad guys in the act.

Tech Industry Praises Cybersecurity Framework From White House

Leaders of the tech sector laud the Obama administration's rollout of voluntary cybersecurity guidelines, but broader private-sector adoption could remain a challenge.

Ira Winkler: 6 failures that led to Target hack

The storyline that a single point of failure allowed a sophisticated attacker to steal millions of card numbers from Target just doesn't hold up.

Security Manager's Journal: Cyberattacks just got personal

Recent data breaches suggest that retailers are security laggards, but the professionalism of the attacks should worry just about anyone.

McAfee Security Report Suggests 2014 Will Be a Rough Year

Smartphones, social networks, PCs, servers, cloud services, governments and national infrastructure all face security risks in 2014, according to the latest McAfee security report. On, and virtual currencies are being used to fund serious crimes. So, who wants a new career?

Security Manager's Journal: Target breach unleashes fresh scams

Scammers are nothing if not innovative. It just goes to show that the best defense is an educated workforce.

Target's security: Better than I thought

The way Target deployed triple DES encryption for debit card PINs makes its statement about the unlikelihood that they were in danger much more believable.