Security experts are advising Google users to change their passwords in the wake of almost 5 million usernames and passwords surfacing on Russian cybercrime forums. But some of the stolen data may be several years old.
Apple has announced a new payment feature known as Apple Pay for its latest iPhones that uses NFC technology to conduct transactions. Security and payment experts say the move eventually could help improve payment security.
Once the now-delayed HIPAA compliance audits resume, federal regulators will be conducting more on-site audits and fewer remote desk audits of covered entities and business associates than originally planned.
Now that Home Depot has confirmed its payments breach, industry experts weigh the possibility that the home-improvement giant's attack is linked to earlier breaches at Target, Sally Beauty and P.F. Chang's.
Breaches and other security emergencies can be strong catalysts for change, says CIO John Halamka of Beth Israel Deaconess Medical Center in Boston, which has made a number of moves to beef up data security.
Congress isn't ignoring cybersecurity as lawmakers return to Washington this week. But it's unlikely the House or Senate will vote on any significant cybersecurity legislation before they adjourn later this month in advance of the election.
What steps can organizations take to mitigate insider fraud threats? Michael Theis of Carnegie Mellon, a featured speaker at ISMG's upcoming Fraud Summits in Toronto and London, explains why using data analytics is key.
Apple's advice to always use strong passwords and two-factor authentication ignores that image hackers are bypassing those controls - and celebrities aren't the only victims. Here's what needs to change.
Amidst a year of high-profile and costly data breaches, what can organizations be doing to help ensure they aren't the next victims? Charley Chell of CA Technologies discusses new authentication solutions.
Salesforce.com, a cloud-based customer relationship management provider, warns that malware known as Dyre is targeting certain customers. The company sees no evidence that any users have been impacted.
A decision as to when a cyber-attack would lead to the invocation of Article 5 - the provision that states an attack on one member state is deemed an attack on all members - will be made on a case-by-case basis.