A payment card breach at an Indiana resort signals that similar incidents will occur throughout 2015 as businesses continue to deal with malware and point-of-sale attacks, one security expert says.
Despite bipartisan rhetoric, comments from lawmakers and witnesses at a Jan. 27 House hearing illustrate why reaching a consensus on a national data breach notification law remains a challenge.
The Malaysia Airlines website was the victim of an apparent DNS settings attack on Jan. 26, for which the hacking group Lizard Squad claimed credit. The hacking group began leaking some travelers' itineraries.
The Regin espionage and surveillance malware offers attackers advanced capabilities, but a new analysis of two recovered modules finds the components are basic and unveils potential clues to the identity of its creator.
Grocery chain Schnucks has won a court ruling against its payments processor and merchant bank, setting a $500,000 cap on how much it must pay for a 2012 POS breach. Learn how imprecise contract terms played an important role in the ruling.
Cybersecurity has been a priority of the Obama presidency from the get-go. But do all of his cybersecurity actions, unprecedented among American presidents, make him a cybersecurity leader?
President Obama urged Congress in his State of the Union address to pass legislation to better meet the evolving cyberthreat, but spent very little of the speech explaining its dangers or detailing his cybersecurity legislative agenda.
In the aftermath of a payment card breach, as fraudsters race to exploit the stolen information, card issuers and affected customers take steps to mitigate risks. Here's a look at the lifecycle of a payment card breach from three perspectives.
The U.S. likely won't complete its implementation of EMV for many years to come, despite the October 2015 liability shift date for counterfeit card fraud, many forecasters say. And until it's fully deployed, EMV will have little impact on fraud.
New York State Attorney General Eric Schneiderman proposes updating state law to require businesses, including out-of-state firms with New York customers, to implement new safeguards to protect personal consumer data they store.
ENISA - the EU agency responsible for bolstering European cybersecurity practices - is calling on Internet infrastructure providers to adopt best practices for combatting routing threats, DNS spoofing and poisoning attacks, as well as DDoS disruptions.
The FBI's attribution of the attack against Sony Pictures Entertainment to North Korea was based, in part, on NSA intelligence gleaned from the agency having infected a significant number of North Korean PCs with malware, a news report says.
President Obama says he sees the need for law enforcement to gain access to terrorists' encrypted data, but stops short of calling for a law to require manufacturers to provide a so-called "backdoor" to break encryption on mobile devices.
An increasing number of cyber-attacks are not being launched by governments - or their intelligence services - but rather by opportunistic mercenaries offering "espionage-as-a-service," according to a new report.
The U.S. and U.K. plan to hold "cyber war games" to help them prepare for defending against online attacks. Meanwhile, hackers have targeted 19,000 French websites with DDoS attacks and defacements since the Paris massacre.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.