What security and technology issues are top concerns for 2015? The transition to new payment methods and shoring up gaps in basic security practices, according to industry leaders at two ISMG summits last week.
Security vendor Proofpoint warns that a "malvertising" campaign has been launching ransomware attacks against users of numerous high-profile websites, including search site Yahoo, dating site Match.com, and an AOL real estate site.
Target Corp. and several banking institutions continue to argue back and forth over the retailer's request to dismiss a consolidated class action lawsuit the institutions filed following the retailer's December 2013 data breach.
Apple CEO Tim Cook traveled to China in the wake of allegations that hackers are targeting Chinese iCloud users. The Chinese government has denied any involvement in the attacks, which can bypass the latest iPhone's stronger encryption.
In the wake of a suspicious "technical" issue that took down part of Bank of England's payments network earlier this week, Cytelligence's John Walker, a presenter at ISMG's APT Summit in New York, explains why weak perimeter defenses are likely to blame.
Almost all versions of Windows are vulnerable to an OLE flaw that is being actively exploited in the wild. This is the second zero-day vulnerability tied to the so-called "Sandworm Team" of hackers, and no patch is yet available.
An FBI official on Oct. 20 said the hacks of JPMorgan Chase and other U.S. banks do not appear to have been in retribution for Western economic sanctions against Russia. But FBI investigators still have not determined who was behind the attacks.
Staples has confirmed that it's investigating a potential data breach after a report warned that elevated levels of payment card fraud had recently been tied to card numbers used by consumers who shopped at the office supply retailer.
Despite President Obama's urgent call to lawmakers to enact a national data breach notification law, such legislation will not likely be voted upon before the current Congress adjourns at year's end. Here's why.
In addition to adopting the right IT security standards to mitigate advance persistent threats, organizations need to pick the right people to carry out those standards, says Jon Long, a featured speaker at ISMG's Global APT Defense Summit on Oct. 22.
In the wake of recent payment card breaches, President Obama is taking steps to speed the adoption of EMV cards. He's also calling on Congress to enact a national data breach notification law and announcing a White House summit on consumer cybersecurity.
"Cybercrime as a service" and the globalization of attacks are two of the trends noted by cyber-intelligence firm Group-IB in its third annual High-Tech Crime Report. Group-IB's Alexander Tushkanov explains the lessons that can be learned.
Disconnecting systems from the Internet via an "air gap" is supposed to make the data they store harder to steal. But at Black Hat Europe, cryptographer Adi Shamir demonstrated how a laser and drone can be used to bypass air gaps.
TD Bank has agreed to a multi-state settlement in the wake of a 2012 data breach involving the loss of two backup tapes that may have exposed personal information on about 260,000 of the bank's customers. Learn the size of the penalty.
Security experts urge organizations to disable support for SSL on clients and servers because of flaws in the cryptographic protocol that could be used to impersonate website users and decrypt HTTPS traffic.