The takedown of an Eastern European gang believed to have been responsible for a string of ATM jackpotting attacks serves as a reminder of why ATMs running outdated operating systems and universal access keys pose significant worldwide security risks.
The New York Attorney General's settlement with taxi-hailing platform Uber - over alleged customer data privacy violations and a delayed data breach notification - provides a best practice security template for any organization that handles customer data.
Today's enterprise infrastructure is full of blind spots that can hide malicious threats, and traditional security tools struggle to scale up to meet increased demands. How must security leaders respond? Amrit Williams of CloudPassage shares insight.
Slamming a Ukrainian energy provider for recently falling victim to a spear-phishing email and Excel macro attack might be easy. But security experts recommend all organizations use the incident to ensure they won't fall victim to copycat attacks.
A judge has dismissed a class-action lawsuit against Michaels, filed after the retailer warned that POS malware-wielding attackers had successfully stolen details of an estimated 2.6 million payment cards. But the ruling isn't a surprise - here's why.
The Federal Trade Commission's latest cybersecurity-related enforcement action points to the need to carefully scrutinize the claims software companies make about the security functions of their products.
Reports on the Ukrainian energy supplier hack have left many crucial questions unanswered: Who was involved, did malware directly trigger a blackout and are other suppliers at risk from similar attacks? Cybersecurity experts offer potential answers.
A power blackout that recently affected about 1.4 million Ukrainians has been tied to an espionage Trojan called BlackEnergy. The attack appears to be the first time that hackers have successfully used malware to help disrupt energy-generation systems.
An inspector general report on a Federal Reserve audit raises more questions than it answers regarding the security risks facing one of the Fed's information systems. The executive summary of the audit fails the transparency test to inform the public.
To minimize the risk of business email compromise schemes and similar types of fraud, senior executives at businesses should avoid posting information about their activities on social media and other accessible forums, says security expert Chuck Easttom.
Four years after European criminals exploited EMV implementation vulnerabilities to steal an estimated $650,000, security experts say not all banks have adopted full fixes. But the payment card industry contends related mitigations are in place and working.
The top video interviews of the past year featured, among others: Bob Carr of Heartland Payments, Eduardo Perez of Visa and cybersecurity attorney Joseph Burton. Check out their thought-provoking insights.
Adobe is warning Flash users to update their software immediately in the wake of zero-day attacks that can enable attackers to take full control of vulnerable systems. This year, Adobe has patched 316 bugs in Flash. Is it time for the plug-in to die?
Banking and government institutions, and other organizations that employ Juniper Networks gear, are being actively targeted after the company warned that it discovered that someone added a backdoor to the firmware in 2012. Who's responsible?