Robert Lemos

Specialty sports-apparel retailer Genesco filed a lawsuit on March 7 against Visa seeking to recover nearly $13.3 million in fines that the credit-card company levied following a breach of the retailer’s systems that may have resulted in fraudulent transactions. The civil case could be the most significant test to date of the Payment Card Industry’s […]

Alleged hacktivists again launched denial-of-service attacks against major U.S. banks last week, causing some disruption at a handful of financial institutions. While the group behind the attacks continue to pose as hacktivists, the longevity of the campaign—now entering its sixth month—has some security experts arguing that the attacks are a well-funded operation. On March 5, […]

Security researchers claimed nearly $500,000 in bounties for demonstrating previously unknown—or zero-day—attacks against all major browsers and three popular browser plug-ins at the annual Pwn2Own competition at the CanSecWest conference in Vancouver, B.C. The three-day contest, which ends March 8, requires that security professionals play the role of attackers and compromise fully patched versions of […]

Nations around the world have made spotty progress on national policies to support cloud computing and digital commerce, with a few standouts, such as Singapore, passing solid privacy and security regulations, according to a survey of 24 countries by the Business Software Alliance. In the “2013 BSA Global Cloud Computing Scorecard,” Asian nations ran the […]

Police charged a Maryland man on March 1 for allegedly possessing illicit images of children, following a tip from his cloud storage provider Verizon, which had detected the images in an online sweep of its service. William Steven Albaugh, 67, a deacon at St. Joseph’s Roman Catholic Church, was arrested at home, where a search […]

Online storage service Evernote warned users on March 2 that unknown attackers had compromised its system and gained access to the information on more than 50 million users, including encrypted password files. Evernote moved to assure customers that their data and payment information remained safe, but conducted a password reset for all 50 million users […]

SAN FRANCISCO—Information sharing—or the lack of sharing—has become a prominent point of contention between private corporations and government agencies. The issue is even more of a problem for critical infrastructure providers, control-system experts said at the RSA Conference. While there are hubs of activity around security in critical infrastructure, companies tend not to share vulnerability […]

SAN FRANCISCO — Security researchers and defenders are using increasingly aggressive tactics to put pressure on attackers and make their adversaries’ mistakes more costly. In the latest example, managed security firm Dell Secureworks discovered a successful campaign that stole information from at least four organizations by co-opting the attackers’ command-and-control infrastructure, the firm announced at […]

SAN FRANCISCO—When asked whether their companies had as many information-security workers as they needed, attendees at the Cloud Security Alliance (CSA) Summit here just snorted and laughed. With stolen intellectual property and data breaches regularly making headlines these days, no company or government agency feels that they have the resources they need to secure their […]

An analysis of exploit and malware traffic inside corporate networks found that social networks account for few attacks, while 97 percent of exploit traffic focused on 10 applications, nine of which were critical business applications. The analysis of log data from 3,056 companies underscores that internal corporate applications, not multimedia and social-networking applications, are the […]