Comptroller of the Currency Thomas Curry says "it's only fair" that merchants should be responsible for some of the expenses that result when their systems are breached. Now, security experts consider the implications of his comments.
FireEye is warning Apple users about a flaw in which downloaded malicious apps can replace genuine iOS apps, an exploit the security firm is dubbing the "Masque Attack." Experts offer insights on mitigating the threat.
Poor post-breach communication can cause as much damage to a company's reputation as the cyber-incident itself, says Al Pascual, a senior analyst at Javelin Strategy & Research, who will speak at ISMG's Fraud Summit Dallas.
A former South Carolina state employee who pleaded guilty to five felony charges after he sent personal information about more than 228,000 Medicaid recipients to his personal e-mail account won't go to prison. Find out the details.
The latest details revealed about the Home Depot breach are "eerily" similar to the Target compromise and point to the need for retailers to closely monitor the security measures of their third-party vendors and ramp up breach detection efforts.
Troy Leach of the PCI Security Standards Council says log monitoring is an effective data breach detection tool that, unfortunately, not enough merchants put to use. He explains how upcoming PCI guidance could help with implementation.
Following its massive breach, Target has hired a chief risk and compliance officer reporting directly to the CEO. Analysts say this move could signify the importance cybersecurity has reached within retail organizations.
A hotel booking website hack - resulting in stolen payment cards - triggers a regulator's warning that businesses still need to pay close attention to eliminating SQL injection vulnerabilities from their websites and emphasizing secure coding.
In addition to 56 million payment cards being compromised in the Home Depot data breach, approximately 53 million e-mail addresses also were stolen, the retailer reported in an investigation update on Nov. 6.
Sen. Ron Johnson, R-Wis., the presumptive chairman of the Senate committee with government IT security oversight, hasn't immersed himself heavily in cybersecurity issues during his 4-year Senate tenure.
Nearly three years after his indictment, the alleged kingpin of an Estonian gang that infected 4 million PCs in more than 100 countries with malware, generating an estimated $14 million in fraudulent online ad revenue, has been extradited to the U.S.
JPMorgan Chase in September confirmed that it was the victim of a cyber-attack that compromised customer information. This infographic provides an overview of what we know so far and what questions remain unanswered.