Determining the "fairness" of Target's proposed $39 million settlement with financial institutions affected by the retailer's 2013 breach is impossible until we find out the answers to many questions, including how many banks and credit unions qualify.
A security incident involving keystroke logging malware that apparently started at a Kentucky hospital three years ago - but was only recently discovered after a tip from the FBI - offers a reminder of the urgency of keeping anti-malware protection and mitigation efforts current.
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
TalkTalk's confusion in the wake of its recent data breach, as well as mangling of technical details and failure to encrypt customer data, demonstrate the importance of having an incident-response plan ready in advance of any breach, experts say.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
The massive cyberattacks that struck Chase and other leading U.S. financial services firms illustrate just how vulnerable larger institutions can be to cyber-attacks. They also show why organizations must encrypt customer data, says security and forensics expert Chuck Easttom.
Because hackers often find a way to stick around or repeat their network intrusions after remediation efforts are completed, organizations need to ramp up their "continuous detection" efforts, says security expert Wendi Whitmore of CrowdStrike.
A data breach potentially affecting 16,000 patients at a group of Texas pediatric clinics spotlights the challenges in preventing and detecting breaches involving insiders who are authorized to access records.
An upcoming Verizon report on health data breaches illustrates that the data is at risk at organizations outside of the healthcare sector, and not just at hospitals, clinics, insurers and their business associates, says security expert Suzanne Widup of Verizon Enterprise Solutions.
Banks need to prepare for many more massive cyberattacks along the lines of the sophisticated campaign that hit JPMorgan Chase and other financial services organizations, says Javelin Strategy & Research's Al Pascual, who offers risk management insights.
Cable TV provider Cox Communications will pay a fine and implement a seven-year monitoring program to settle an FCC complaint after suffering a 2014 breach at the hands of a Lizard Squad hacker. Find out the size of the FCC's latest breach-related penalty.
To avoid having their organizations exploited by teenage hackers, boards of directors worldwide need to get serious about security. Here are five lessons to be learned from the latest TalkTalk data breach.
The FFIEC has issued an alert calling on financial institutions to take specific risk mitigation steps in light of an increase in the frequency and severity of cyberattacks involving extortion. Fraud experts applaud the move while offering additional recommendations.
While sophisticated cyberattacks and high-profile mega-breaches get most of the attention, European fraud experts say less sophisticated attacks are far more common and pose a greater fraud risk. At ISMG's Fraud Summit in London, they called for global collaboration to fight fraud.