The arrests of seven men allegedly linked to a skimming operation that targeted ATMs at retailers, including hotels and gas stations, is yet another indicator that U.S. merchants need to beef up the security of these devices.
The rise in RFID-based contactless payment cards has led to increased concerns that fraudsters could wirelessly crack cards' secret cryptographic keys. But a team of MIT researchers has debuted defenses against such hack attacks.
The Office of Personnel Management is addressing three cybersecurity deficiencies identified by the agency's inspector general as contributing to a significant data breach, Beth Cobert tells a Senate panel considering her confirmation as the new OPM director.
The new EU-U.S. data transfer agreement will be called "Privacy Shield." Beyond that, however, the actual details of the agreement - and whether it will pass muster with the EU's privacy commissioners or high court - appear to be a work in progress.
Sometimes language barriers can be a good thing: Many malware-wielding cybercriminals have historically targeted users in North America and Europe over Japan, owing to linguistic challenges. But that's changing.
Law enforcement and intelligence agencies will have plenty of chances to snoop on criminals, terrorists and citizens even as communications vendors enable default encryption on mobile devices, a study from Harvard University says.
British bank HSBC warned customers on Jan. 29 that it's been defending itself against distributed denial-of-service attacks, just two days before a major U.K. tax deadline. Security experts say botnet-driven disruptions of U.K. sites have risen sharply.
The U.S. government's intrusion detection and prevention program known as Einstein has limited ability to detect breaches of federal information systems, according to a new Government Accountability Office report.
Congressman Will Hurd has a simple request for U.S. government agencies: Have you been using vulnerable Juniper Networks devices? But Congress needs to consider tougher questions about its culpability in this backdoor debacle.
Cybercriminals are in mourning after the shocking announcement from Oracle that it will deep-six its beloved Java Web browser plug-in technology, owing to browser makers failing to support "standards based" plug-ins.