Virtually every industry is prone to cyberattacks, online fraud and identity theft. For years' banks have secured online transactions for commercial accounts and private banking customers via multifactor authentication. Now through organizations like the NCSA and HIMSS, multifactor authentication may finally become...
In January, banks and other financial services companies based in New York may have to comply with tough new cybersecurity requirements. But some critics contend that the state's regulatory proposal is far too prescriptive, making it challenging for banking institutions, especially smaller ones, to comply.
IoT devices running the authentication protocol OpenSSH are being compromised and used as proxies in attacks that aim to take over accounts at popular web services, according to new research from Akamai.
With comprehensive network modeling extending into virtual networks, network security engineers can gain the needed visibility to unify security and compliance processes across their hybrid hardware and virtual environments.
IoT botnets, the term for armies of hacked internet-connected devices, aren't going away. And an anecdote from the field shows the gravity of the problem and why it's unlikely to be resolved any time soon.
A malware-wielding gang has been targeting financial firms' SWIFT software to inject fraudulent money-moving messages since at least January in "discreet campaigns" not tied to the Bangladesh Bank hack, Symantec warns.
The National Health Information Sharing and Analysis Center aims to better engage smaller healthcare organizations in cyber threat information sharing, leveraging funds from two recent federal grants. Denise Anderson, president of NH-ISAC, describes the plans in this in-depth interview.
As cyberattacks on healthcare entities continue to surge, federal regulators are urging organizations to safeguard network-attached storage devices and other gear that supports or enables file transfer protocol services.
Fashion accessories retailer Vera Bradley says its payments processing system was compromised by a malware attack. The retailer says card transactions conducted between July 25 and Sept. 23 at some of its 35 locations may have been affected.
Understanding the difference between cybersecurity crisis management and security incident response could be critical to your organization's survival. In this blog, a CISO offers insights on creating an effective crisis management plan.
A report on the verbal combat between Hillary Clinton and Donald Trump over whether the Russian government is using hacks to influence the U.S. presidential election leads the latest edition of the ISMG Security Report. Also, an update on Dropbox's new password protection strategy.
Verizon is reportedly awaiting the full results of a digital forensic investigation into the record-setting Yahoo data breach to ascertain whether it will revise its $4.8 billion bid to buy the search firm. Did the breach have a "material impact" on Yahoo's business? That's the question.
Nine technology companies have recently founded the Vendor Security Alliance (VSA), an independent, non-profit coalition that aims to help member companies evaluate or assess the security and privacy of third-party providers whom they heavily rely on and even entrust their users most important data with. They also...
If you look beyond the political bickering and study the cybersecurity platforms that presidential candidates Hillary Clinton and Donald Trump have posted on their campaign websites, you'll see that their approaches are similar in some respects.