Robert Lemos

About

Robert Lemos is an award-winning journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and was named one of the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.

NIST Cyber-Security Framework Means Little Without Adoption: Experts

The National Institute of Standards and Technology released a long-awaited framework on Feb. 12 that gives companies a standardized way to measure and compare their security, but does little to convince firms to take the necessary steps to secure their networks, industry experts said. Published exactly a year after the Obama administration issued its executive […]

FIDO Alliance Standard to Boost Authentication, Eliminate Passwords

An industry consortium that aims to establish online standards for two-factor and biometric authentication released the first draft of its technical specifications this week. The Fast Identity Online (FIDO) Alliance published a draft of its technical document on Feb. 11 to allow nonmember companies to check out the specifications and develop products without actually joining […]

Advanced ‘Mask’ Cyber-Attack Persisted for Seven Years: Kaspersky

A sophisticated cyber-espionage network compromised more than 380 companies, government agencies and organizations in more than 30 countries over the past seven years, according to a research report released by security firm Kaspersky Lab on Feb. 10. The network is the result of two malware programs: one called Careto—Spanish slang for “the mask”—and the other […]

Federal Agencies Fail to Secure Systems: Report

The U.S. Department of Homeland Security, Department of Energy and other government agencies have serious security shortfalls—from weak passwords to failures in patching critical software—that have left the agencies vulnerable to attack, according to a report issued Feb. 4 by the minority staff of the U.S. Senate Homeland Security and Governmental Affairs Committee. The report, published […]

Target Breach Underscores Need to Monitor Third-Party Network Access

The group that stole more than 40 million credit- and debit-card accounts from retail giant Target’s network reportedly gained access through the company’s heating, ventilation and air-conditioning (HVAC) vendor, highlighting the importance of limiting third-party access to corporate networks, security experts said. On Nov. 15, attackers compromised the network of HVAC vendor Fazio Mechanical Services […]

‘ChewBacca’ Malware Poses Big, Hairy Security Problem for Retailers

A criminal group has used custom-built malicious software, cheekily named “ChewBacca,” to infect systems at more than 45 retailers and steal their customers’ credit- and debit-card details, according to an analysis published by security firm RSA. Once installed, the ChewBacca malware monitors the memory of running processes and checks for data that matches the format […]

Amplified DDoS Attacks Broke Bandwidth Records in 2013: Arbor Report

The largest distributed denial-of-service attacks jumped in size in 2013, with the most intense topping 300G bps, triple the bandwidth of the previous largest attack, according to a report published by Arbor Networks on Jan. 28. The dramatic increase in bandwidth was caused by attackers’ adoption of reflection techniques, which use vulnerable servers to turn […]

Snowden Warns NSA Surveillance Undermines Democratic Institutions

Former National Security Agency contractor Edward Snowden answered questions about the pervasive collection of data by the intelligence agency and his reasons for leaking classified documents on the NSA’s operations and capabilities. In an interview arranged by legal-defense fund site Courage Foundation on Jan. 23, Snowden, who many consider a traitor and others consider a […]

Neiman Marcus Acknowledges 1.1 Million Accounts Compromised

Neiman Marcus confirmed that the company had become the latest retail chain to have been breached by online thieves, who stole more than 1.1 million credit- and debit-card accounts from the company’s computers. In a statement published online on Jan. 22, Neiman Marcus President and CEO Karen Katz said retail terminals had been infected with […]

Global Cyber-Attackers Diversifying Their Techniques: CrowdStrike

Hacktivists, nation-state hackers and cyber-criminals expanded their operations and demonstrated more sophisticated capabilities in 2013, suggesting that the number of significant cyber-attacks will continue to grow in the coming year, according to an annual report released by security services firm CrowdStrike on Jan. 22. While groups linked to China continued to account for the lion’s […]