Most U.S. Defense Department contractors would be required to report a data breach to the Pentagon under provisions of the National Defense Authorization Act agreed to by a House-Senate conference committee.
The arrest of 10 individuals allegedly tied to a global phishing scheme that exploited Facebook is good news. But experts say banking institutions need to push stronger security and authentication to protect accounts.
Hacktivists announced Dec. 18 that they planned yet another round of distributed-denial-of-service attacks against five U.S. banks. Wells Fargo confirmed its online banking site experienced outages throughout the day.
A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
The Walgreens drugstore chain will pay $16.6 million to settle a California case involving improper disposal of hazardous waste, as well as certain confidential patient information, in dumpsters near their stores.
Eurograbber got banks' attention after compromising out-of-band authentication in Europe. But researchers say it's the knowledge of the hackers behind the attack, not the Trojan, that's most concerning.
McAfee researchers have uncovered new information about a Gozi variant, which RSA in October named Prinimalka. The Trojan, part of a blitzkrieg-like attack, is expected to hit 30 institutions in spring 2013.
The National Institute of Standards and Technology has published new guidance on generating cryptographic keys to help organizations protect their data with secure keys no matter the type of algorithm they choose.
Online outages affecting leading U.S. banking institutions continued Dec. 12, but only U.S. Bank confirmed its site issues were linked to a distributed-denial-of-service attack. Meanwhile, FS-ISAC outlined precautions institutions should take.