The latest details revealed about the Home Depot breach are "eerily" similar to the Target compromise and point to the need for retailers to closely monitor the security measures of their third-party vendors and ramp up breach detection efforts.
Troy Leach of the PCI Security Standards Council says log monitoring is an effective data breach detection tool that, unfortunately, not enough merchants put to use. He explains how upcoming PCI guidance could help with implementation.
Following its massive breach, Target has hired a chief risk and compliance officer reporting directly to the CEO. Analysts say this move could signify the importance cybersecurity has reached within retail organizations.
U.S. and European law enforcement officials have arrested 17 alleged vendors and operators of illegal "Darknet" online marketplaces, shuttered 410 websites - including Silk Road 2.0 - and seized narcotics and $1 million in bitcoins.
A hotel booking website hack - resulting in stolen payment cards - triggers a regulator's warning that businesses still need to pay close attention to eliminating SQL injection vulnerabilities from their websites and emphasizing secure coding.
From PCs to tablets to smartphones, customers enter institutions from all electronic angles. And these new banking habits put new strains on traditional IT infrastructure. How can banks ensure security?
In addition to 56 million payment cards being compromised in the Home Depot data breach, approximately 53 million e-mail addresses also were stolen, the retailer reported in an investigation update on Nov. 6.
The developers of the Backoff point-of-sale malware that's infected more than 1,000 U.S. businesses have continued to refine their attack code, including encrypting communications and making the malware tougher to spot or eradicate, researchers say.
Apple iOS and Mac OS X devices are susceptible to WireLurker, a previously unseen malware family that spreads via a third-party Chinese app store, and which can infect even non-jailbroken iOS devices, Palo Alto Networks warns.
The Dutch government this week upheld a 2012 U.S. extradition request for Vladimir Drinkman, who's accused of masterminding the "Shadowcrew" team that hacked Nasdaq, 7-Eleven and others, stealing 160 million cards and causing $300 million in damages.
Amy McHugh, a former FDIC IT examination analyst, says banking regulators will soon scrutinize C-level executives and boards of directors to gauge their cybersecurity awareness in the wake of the FFIEC's pilot cyber-risk assessment program.
Sen. Ron Johnson, R-Wis., the presumptive chairman of the Senate committee with government IT security oversight, hasn't immersed himself heavily in cybersecurity issues during his 4-year Senate tenure.