Payment data and personal information are both attractive targets for criminals, says breach investigator Erin Nealy Cox of forensics firm Stroz Friedberg. Learn why she says card data isn't the only lucrative target.
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
A recent $1 million cyberheist at a county hospital illustrates why healthcare organizations must pay attention to securing financial as well as clinical data - and educate staff about how to recognize phishing e-mails.
In this week's breach roundup, read about the latest incidents, including a class action lawsuit against a VA hospital following the loss of a laptop and the discovery of records in an abandoned mental health facility.
A citizen's petition that received more than 117,000 signatures asks the White House to stop the Cyber Intelligence Sharing and Protection Act. Why does the White House response suggest a redo of last year's battle over cybersecurity legislation?
Security firm Mandiant recently released a widely publicized report detailing cyber-espionage activity originating in China. Mandiant Director Charles Carmakal discusses the latest nation-state threats.
Although there have not yet been any confirmed reports of financial fraud associated with a major data breach at the Utah Department of Health last year, the potential for costly fraud is huge, contends Al Pascual of Javelin Strategy and Research.
It isn't just the quantity of cyber-attacks that's staggering; it's the quality. The average hacker now has access to nation-state-level attack capabilities, says James Lyne of Sophos. How can organizations defend?
A 143-point drop in the Dow Jones Industrial Average proves the power of social media and the havoc it can cause when an account gets hacked. It's time for social media companies to tighten the authentication process.