An international law enforcement operation - spearheaded by the U.S. FBI and U.K. National Crime Agency - has disrupted the notorious Dridex banking malware and phishing campaign, which has been tied to at least $40 million in losses worldwide.
Newly discovered breaches at E*Trade Financial and Dow Jones highlight hackers' increasing attempts to steal, sell and utilize personal information. Security experts describe PII's value for fraudsters and scammers and offer lessons learned from these and other incidents.
Dell's announcement that it plans to purchase storage maker EMC for a mind-boggling $67 billion does not make clear the fate of EMC's information security unit, RSA. Analysts believe Dell has not yet determined whether RSA fits into its long-term plans or should be sold or spun off.
Security researchers have demonstrated in a lab setting an information-stealing attack against Amazon Web Services users. But Amazon says its customers "using current software and following security best practices are not impacted by this situation."
Financial services firm E*Trade and publisher Dow Jones are separately warning their customers and subscribers that their personal information - and in some cases, payment card data - may have been compromised in a cyberattack campaign.
As part of a government campaign to discourage health information "blocking," a federal agency warns that donations - such as from a hospital to a physician - of electronic health record software that has limited ability to securely exchange data are potential violations of federal anti-kickback laws.
Three U.S. senators are demanding answers from Experian after it suffered a breach that exposed personal information for 15 million T-Mobile subscribers. They also have called for national breach notification and data security regulations.
Less than a year after the United States Postal Service revealed that hackers breached agency computers, many employees continue to click on phishing messages that contain false links, according to an inspector general report.
The protection of patients' health data is a fundamental principle deeply woven throughout federal regulators' new 10-year roadmap for interoperable health data exchange. While some experts say the plan is on the right track, others say more work is needed.
Two final rules for the HITECH Act electronic health record incentive program strongly emphasize the value of risk assessments and encryption as measures for safeguarding patient information. Here's an analysis of the details.
One week after the EMV fraud liability shift took effect for U.S. merchants, experts say much more needs to be done to prepare merchants for chargebacks and new socially engineered scams aimed at exploiting consumers.
A cybercrime ring that employed the Angler Exploit Kit to earn an estimated $34 million per year - from ransomware infections alone - has been disrupted by security researchers at Cisco's Talos security intelligence and research group.
Security on the endpoint took a long time to move away from mere patching, hardening and anti-virus technologies. To fight advanced threats, experts say visibility on endpoints is being transformed by the advent of endpoint detection and response tools.
The Department of Health and Human Services has released final rules for the HITECH Act electronic health record incentive program that address privacy and security issues. HHS has also released its final "interoperability roadmap" designed to guide progress toward health data exchange.