The PCI Council has unveiled new guidance for mitigating payment card risks posed by third parties. Troy Leach, the council's CTO, explains how banking institutions and merchants can put the guidance to use.
Millions of user credentials are breached regularly - whether we hear of the incidents or not. So, why do we continue to rely on passwords? Derek Manky of Fortinet discusses authentication and data retention.
That Russian hackers may be hording 1.2 billion credentials merely reflects the insecurity of the world we live in today, says David Perry, threat strategist at the Finnish IT security company F-Secure.
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
A report that a Russian hacker group dubbed "CyberVor" is hoarding more than 1 billion stolen passwords triggered worldwide concern, but security experts caution that scant details have been revealed, making the threat tough to judge.
The Office of the National Coordinator for Health IT's initial oversight of organizations authorized to test and certify electronic health records software did not adequately ensure that patient data within EHRs is secure, a new report concludes.
Today's sophisticated attackers use ever-stealthier malware and zero-day exploits to evade traditional security defenses, making organizations increasingly vulnerable to advanced persistent threats (APTs). These APTs seek to exfiltrate critical data over the long term.
A Russian cyber gang has breached over 420,000 web and FTP sites to pilfer over 1.2 billion credentials, according to Hold Security, saying it discovered "what could be arguably the largest data breach known to date."
Target Corp.'s net breach expenses not covered by insurance are expected to total $146 million for its most recent three quarters following the company's massive December 2013 data breach that compromised payment card information.
Cybersecurity researchers at the Georgia Tech Research Institute are developing a tool known as BlackForest that amasses information from the Internet to give organizations an early warning of a pending cyber-attack.