USB devices and ports pose serious risks, and they aren't going away anytime soon. But researchers say they've developed a way to block malicious actions by USB devices to help prevent attacks such as "BadUSB."
Retailer Eddie Bauer is warning customers that their payment card data may have been compromised by point-of-sale malware during a six-month attack. The warning follows HEI Hotels & Resorts disclosing a 15-month malware attack affecting 20 locations.
Police have arrested an employee of U.K.-based accountancy and business software developer Sage Group after a data breach. Meanwhile, a report has emerged that some customers are using its software in an unsecured manner.
In an in-depth interview, Ron Ross of the National Institute of Standards and Technology explains pending revisions of guidance on how organizations outside the U.S. government should protect sensitive federal data.
Vikrant Arora, CISO of NYC Health & Hospitals, offers the four most important questions a board must ask the CISO to get a good understanding of how the organization is addressing top cybersecurity concerns.
In mulling whether to designate the U.S. electoral system as critical infrastructure, the question arises whether those additional safeguards should focus solely on the voting process itself or be extended to other components, such as political parties.
Malware researcher Ivan Kwiatkowski unleashed ransomware on tech-support scammers after his parents stumbled across a site warning they'd been infected by Zeus. Despite the feel-good factor, however, security experts advise against hacking back.
If intelligence or law enforcement agencies know that an organization's information systems are being attacked, when should they alert the victim, if at all? What if the victim is a political party? Here's a look at the issues raised by the Democratic National Committee hack investigation.
Is the recent breach at HEI Hotels & Resorts linked to the hack of POS systems provider MICROS? And have other POS vendors been breached as well? Security experts offer their analysis and size up vendor vulnerabilities.
An unparalleled mystery has piqued the security community's curiosity. A group calling itself the "Shadow Brokers" claims to have stolen code and exploits from the Equation Group, a nation-state spying group suspected to be affiliated with the NSA.
It's easy to look at the payments landscape and see only the flaws. But payment card security has come a long way in the past 10 years, thanks in large part to the PCI Data Security Standard. How will card security be refined in the coming decade?
The head of the nearly year-old ISAO Standards Organization, Greg White, describes how fledgling Information Sharing and Analysis Organizations can help create an information sharing ecosystem aimed at making IT more secure at enterprises of all sizes.
A new research project called Amnesia tackles the password management problem by not storing full data in any one place where it can be hacked. But does this proposed solution truly offer better password security?
In today's environment, federal and state regulators come at breached companies from all angles, with requests for investigative information, breach response plans and fines. Attorney Deborah Gersh explains why so many agencies stake their claims in breach response.
To facilitate faster decision-making, better cost control and increased transparency, many organizations now task a single executive to oversee all security, privacy and risk functions, says ADP's Roland Cloutier.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.