Banks are not doing enough to ensure that third-party service providers are taking adequate cybersecurity steps, according to the New York State Department of Financial Services, which is considering ramping up regulatory scrutiny.
Islamic State sympathizers are exploiting a vulnerability in a WorldPress Content Management System plug-in to deface the websites of news outlets, businesses, religious groups and governments in the U.S. and abroad, the FBI says.
The upcoming RSA Conference 2015 in San Francisco will feature sessions ripped from the headlines, reflecting the challenges security professionals face in safeguarding their organizations' systems and information.
White Lodging Services Corp. has revealed a malware attack against point-of-sale systems at 10 of the hotels it manages, potentially exposing payment card data. The disclosure comes about a year after it confirmed a similar malware-related breach.
AT&T, in a settlement with the FCC, agrees to pay a $25 million fine because call center employees in Mexico, Colombia and the Philippines accessed private information from some 278,000 customer accounts without authorization.
The DNS infrastructure underlying the Internet is the map that both the good guys and bad guys need. Dr. Paul Vixie, a member of the Internet Hall of Fame, discusses DNS' impact on the security landscape.
Some merchants want to postpone the EMV-related fraud liability shift, which major card brands have slated for October. But Randy Vanderhoof of the EMV Migration Forum sees "no reason to move the date."
We all know that breaches and cybersecurity are topics of boardroom discussion. But how should security leaders present them to their boards? Jim Anderson of BAE Systems Applied Intelligence offers tips.