The U.S. Treasury Department announced Monday that it has imposed sanctions on five Russian organizations and three individuals, the latest move by the Trump administration in response to Russian cyberattacks.
South Korean cryptocurrency exchange Coinrail says hackers stole 30 percent of all of the cryptocurrency tokens it was storing, but many have been successfully frozen or recalled. Security experts say cryptocurrency exchanges remain poorly secured, so they're popular targets for hackers.
Although all the major credit card brands have dropped the requirement for obtaining signatures to verify point-of-sale transactions made with EMV payment cards, they're not pushing strongly for using PINs instead, leaving that authentication decision to card issuers, says Linda Kirkpatrick of Mastercard.
One day, organizations may be able to self-certify their GDPR compliance, says an official at the U.K.'s data privacy regulator. Regardless, experts recommend that organizations ensure they are focusing on continuous GDPR compliance and regularly testing their data breach response plans.
The era of the underground marketplace may be ending as concerns over law enforcement infiltration rise, says threat intelligence company Digital Shadows. Cybercriminals' deals are shifting toward encrypted chat and other decentralized services, the company says.
Leading the latest edition of the ISMG Security Report: Our exclusive report on an Australian criminal investigation into a company that apparently swiped cryptocurrency using a software backdoor. Also, cutting through the hype on artificial intelligence and machine learning.
What impact will an appellate court's ruling Wednesday that vacated the Federal Trade Commission's data security enforcement action against LabMD have on the agency's long-term enforcement activities? Regulatory experts are weighing in.
Australian HR service provider PageUp, which serves a variety organizations worldwide, says malicious software on its systems may have compromised client data as well as usernames and passwords. PageUp believes systems that store documents, resumes and employment contracts are not affected.
Since its inception the NIST Cybersecurity Framework has been embraced across geographies and sectors. Trend Micro's Ed Cabrera talks about how to maximize the framework as a baseline for improving cybersecurity posture.
Companies offering cybersecurity products are using the terms "artificial intelligence" and "machine learning" in many different ways. But the real meanings of the terms are far more nuanced than marketing hyperbole would lead us to believe, says Grant Wernick of Insight Engines.
LabMD, a now-defunct cancer testing laboratory, has won a major victory in its longstanding legal dispute with the Federal Trade Commission. A U.S. Court of Appeals on Wednesday vacated an FTC enforcement action against the lab in a data security dispute dating back to 2013.
Congress is considering how to help beef up the healthcare sector's preparedness and response to cyber threats. But why is there so much confusion about the role of the Department of Health and Human Services?
The geneology service MyHeritage says a security researcher found 92 million email addresses and hashed passwords for its users on a private external server. The company, however, says there's no evidence of abnormal account activity or indications family trees or DNA results were affected.
RSA's most recent Quarterly Fraud Report shows that "newsjacking" is increasingly empowering phishing attacks, says Angel Grant, RSA's director of identity fraud and risk intelligence. The report also shows a continuing surge in mobile app fraud.