Attackers likely purchased malware in underground "cybercrime-as-a-service" markets to use in recent credit card breaches, including the Target Corp. attack, a new report from McAfee Labs asserts. Adam Wosotowsky explains the report's findings.
Healthcare organizations can now take advantage of a growing number of resources offering guidance on improving medical device security. Learn about the latest security assessment framework that's now being tested.
Congress heard testimony from cybersecurity experts this week about the steps that should be taken to minimize the risk of breaches of the payments system. Learn what Troy Leach of the PCI Council and others had to say.
In the wake of its data breach last year, Target Corp. is overhauling its information security and compliance practices, launching a search for a new CIO and creating the position of chief information security officer.
When it comes to building a breach response team, too many healthcare organizations use a "volunteer firefighter model," taking inadequate steps to prepare for incidents, says security expert Brian Evans.
In the wake of the Target breach, the University of Pittsburgh Medical Center has ramped up Internet monitoring to detect early if the organization is a target for attacks, says John Houston, UPMC's security and privacy leader.
In a keynote address at the RSA 2014 Conference, Kevin Mandia, founder of Mandiant, warns organizations to beware of "victim's fatigue," or letting your guard down after going six months without a breach.
Fraudsters continually find new ways to attack, but too many organizations rely on old, unsuccessful methods to detect and prevent fraud. This is the premise, says David Mattos, VP Sales, with Easy Solutions.