The Verizon 2016 Data Breach Investigations report finds malware, ransomware and phishing attacks are more common than ever and creating even more damage. Organizations are continuing to get exploited via vulnerabilities that are months or even years old, forensics expert Laurance Dine explains in this interview.
In the aftermath of the settlement of banks' post-breach lawsuit against Target, one financial institution is now suing Wendy's seeking to recoup breach-related expenses for all affected card issuers. But are the suit's claims about the impact of a lack of EMV capabilities justified?
Five new payment card data security requirements for third-party service providers are among the most significant changes included in version 3.2 of the PCI Data Security Standard released April 28, says Troy Leach of the PCI Security Standards Council.
The most important lesson from the lawsuit electronic health records vendor Epic Systems filed against Tata Consultancy Services is that data security controls must extend beyond protecting personally identifiable information to include intellectual property, attorney Ron Raether explains in this audio report.
Qatar National Bank has suffered a massive breach involving 1.4 GB of sensitive internal files being dumped online by unknown attackers. Experts say customers' records, access credentials and payment card data have been exposed.
A soon-to-be-launched pilot project funded by the National Institute of Standards and Technology aims to provide a potential model for how online access to patient information can be streamlined while boosting security, NIST trusted identities expert Phil Lam explains in this audio interview.
The U.S. government is actively disrupting - rather than just monitoring - computer systems, networks and communications technologies used by the jihadi fighters known as ISIS, ISIL or Daesh, according to a news report.
Like last year's breach of the online dating site Ashley Madison - tagline: "Life is Short. Have an Affair." - this year's release of the "Panama Papers" is holding individuals accountable for actions which, if not always illegal, in many cases appear to have at least been unethical.
Prosecutors have expanded a complex case, involving an alleged pump-and-dump stock scheme, hacking into U.S. banks and operating an unlicensed bitcoin exchange, to include money-laundering charges related to processing bitcoin ransoms paid by ransomware victims.
Visa's new plan to help merchants speed checkout times for EMV chip payments sounds good, in theory. But in reality, it isn't likely to have much immediate impact on either speeding EMV adoption or enhancing the user experience.
Two of the hacker masterminds behind the notorious SpyEye malware have each received lengthy prison sentences after pleading guilty to related charges in U.S. federal court. But alleged Zeus creator and accomplice Evginy Bogachev remains at large.
Epic Systems' successful lawsuit against India's Tata Consultancy Services raises many security questions. For example, why did Epic find out about the allegedly inappropriate downloading of trade secrets from an external whistleblower, rather than as a result of internal detection efforts?
A North Carolina orthopedic clinic will pay a $750,000 penalty as part of a breach-related federal settlement involving the release of 17,300 X-ray films containing patient information to a vendor without having a business associate agreement in place, as required under HIPAA.