Cybercriminals broke into the payment card processing system used by the Madison Square Garden Co., owner of Radio City Music Hall and other iconic entertainment venues, harvesting payment card details for nearly a year.
Soltra Edge, the automated threat intelligence sharing platform that had been slated to be phased out, has been rescued by NC4, a cyber threat intelligence firm that has purchased the platform, Bill Nelson of FS-ISAC explains in this exclusive audio interview.
In the 13th HIPAA enforcement action this year, federal regulators have slapped the University of Massachusetts Amherst with a $650,000 financial settlement and corrective action plan after investigating a relatively small 2013 breach involving a malware infection at a campus speech and language center.
So, if 2016 was the year when mobile security threats finally started to materialize and mature, what can we expect to see in 2017? Tom Wills of Ontrack Advisory shares insight on the mobility threatscape and new enterprise solutions.
After complaints from merchants and an update from the Fed, Visa has modified debit routing rules, noting that merchants can route U.S. EMV debit transactions through any of more than a dozen available networks, and not just Visa's. The move could have implications for chip-and-PIN use.
Three Mobile, one of the largest U.K. mobile providers, saw more than 132,000 accounts breached in a scam in which fraudsters ordered new devices for customers and then tried to intercept the deliveries.
Cloud-based services can be both a "blessing and curse" when it comes to dealing with security, says John Houston, CISO and associate counsel for the University of Pittsburgh Medical Center, who explains why in this video interview.
When physicians and nurses use their own mobile devices to access clinical information and communicate with patients, an advanced form of encryption can help ensure all sensitive data remains secure, Jonathan Cohen of Synchronoss explains in this video interview.
Adobe will pay a small financial penalty to 15 states to resolve consumer protection and privacy claims following a data breach that affected 38 million active user accounts. The company's legal fees associated with the incident are likely far higher than the settlement amount, experts say.
What's needed to bolster the security of internet of things devices to help prevent cyberattacks, such as the recent botnet-driven DDoS attack against web services provider Dyn? Security experts offered their views at a Nov. 16 congressional hearing.
Last month, the FFIEC issued an FAQ about its Cybersecurity Assessment Tool, reiterating that use of the tool is voluntary. But some critics say regulators are still questioning institutions about their use of the tool during IT examinations, meaning its use is not truly voluntary.
Most - but not all - ransomware attacks against healthcare organizations are reportable breaches requiring notification to affected individuals and federal regulators, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains in this video interview.
An analysis of how the Donald Trump administration will address health IT security and privacy leads the latest edition of the ISMG Security Report. Also, the ramifications of a big breach, and an FBI agent tackles ransomware.