The Department of Veterans Affairs is in the midst of an IT transformation that spotlights security efforts ranging from enforcing the use of two-factor authentication to reducing privileged access accounts, says a new mid-year report.
A Senate bill proposes removing Social Security numbers of U.S. veterans from all Department of Veterans Affairs' information systems within the next five years to help reduce identity theft and fraud. How difficult would it be to make the change?
The FBI is warning U.S. businesses to beware of business email compromise scams focused not just on creating fraudulent wire transfers, but also stealing personally identifiable information. Experts, however, are criticizing the FBI's alert as being too little, too late.
With rampant password, patch management and data missteps, it can feel like information security déjà vu all over again as security professionals fight so many of the same battles as 10 or 20 years ago, says white hat hacker Cris Thomas, a.k.a. "Space Rogue."
Dropbox is keeping a close eye on the latest news reports of big-name, big-data breaches, but says the reported hackers are bluffing when claiming to have compromised and obtained the web storage service's data.
Asking how many different technologies consumers will tolerate when it comes to paying for their goods and services is a bit like asking how many more superheroes moviegoers will countenance in the latest "Avengers" film.
With hack attacks continuing against banks, SWIFT must follow in the footsteps of other vendors - notably Microsoft - and begin offering detailed, prescriptive security guidance to its users, says Doug Gourlay of Skyport Systems.
Russian email service Mail.Ru says its users' credentials contained in data leaked to Hold Security are 99.982 percent invalid, leading it to slam the security firm for stoking "media hype." But Hold Security's CISO contends the leak contains valid email addresses that could be used for phishing and spam.
A security firm claims to have obtained from a young Russian hacker a data set that includes 272 million unique credentials for Hotmail, Gmail and Yahoo email addresses, among others. But there's no reason to panic, security experts say.
The section chief of the FBI's Cyber Division says "the FBI does not condone payment of ransom," in part because it enables criminals to victimize others. Instead, the bureau continues to urge all potential victims to get their IT house in order.
Five new payment card data security requirements for third-party service providers are among the most significant changes included in version 3.2 of the PCI Data Security Standard released April 28, says Troy Leach of the PCI Security Standards Council.
A soon-to-be-launched pilot project funded by the National Institute of Standards and Technology aims to provide a potential model for how online access to patient information can be streamlined while boosting security, NIST trusted identities expert Phil Lam explains in this audio interview.
Visa's new plan to help merchants speed checkout times for EMV chip payments sounds good, in theory. But in reality, it isn't likely to have much immediate impact on either speeding EMV adoption or enhancing the user experience.
What could be worse than a ransomware infection? How about getting infected by "torture ransomware" that uses a sadistic puppet to taunt you, slowly deleting your encrypted files while increasing the ransom demand until you pay?