New requirements to mitigate payment card risks posed by third parties, such as cloud providers and payment processors, are a focal point of the PCI Security Standards Council's updated data security standard.
A significant uptick in traffic linked to an Internet port known as "port zero" is likely among the first signs of a massive and targeted attack against remote servers and networks worldwide, one threat researcher says.
The settlement of a class action lawsuit against AvMed, a health plan company, stemming from a 2009 data breach, is significant because it awards payments to those who were not victims of identity theft.
For years, researchers have studied malicious insider threats. But how can organizations protect themselves from insiders who make a mistake or are taken advantage of in a way that puts the organization at risk?
Rather than waiting until they're a breach victim, organizations should reach out to law enforcement officials to develop a good working relationship in battling cybercrimes, federal prosecutor Erez Liebermann says.
Citing concerns about identity theft risks, a new GAO report urges the Centers for Medicare and Medicaid Services to step up its efforts to remove Social Security numbers from Medicare beneficiaries' ID cards.