The Yahoo breach - and the theft of unencrypted security questions and answers - is a reminder to use unique passwords and security questions, store them using a password safe and take advantage of two-factor authentication whenever it's available.
Security expert Sean Sullivan isn't surprised that the massive 2014 breach of Yahoo, which exposed at least 500 million account details, only recently came to light. Here's why, as well as what users must learn from this breach.
Don't leap to conclusions on the basis of a new report that suggests Yahoo is preparing to warn the world that it was hacked and lost hundreds of millions of users' account credentials. Someone may simply have harvested passwords reused on other sites.
The massive Sony breach spelled out the risks facing any business that deals in digital content. Here's how David Hahn, CISO of publishing giant Hearst, keeps the cybersecurity conversation going with his board of directors.
If Russia is, indeed, meddling with the U.S. election, there's an obvious explanation: It's irritated by U.S. policy. But if Russia's frustration is being expressed through cyberattacks, how can the U.S. respond?
A new research project called Amnesia tackles the password management problem by not storing full data in any one place where it can be hacked. But does this proposed solution truly offer better password security?
Do you have $100,000 burning a hole in your pocket and an abiding love of bitcoins? If so, then the U.S. Marshals Service has an offer you can't refuse: Bid on bitcoins seized in some high-profile investigations, including the Silk Road takedown.
MacKeeper failed to alert customers earlier this year that for at least four weeks, its anti-virus software wasn't receiving regular signature updates. Industry experts say any such delay is unacceptable for an AV vendor.
The release this week by the PCI Security Standards Council of a new PCI compliance resource for small merchants is being lauded by the banking and payments community. But how effective will the resource be at actually convincing merchants to move forward with PCI compliance?