MySpace has confirmed it is resetting millions of accounts affected by the release of 360 million usernames, email addresses and passwords. According to one expert, more of these types of big breach announcements may be coming.
Financial fraud expert Avivah Litan, a Gartner analyst, says the SWIFT-related heists, which have defrauded banks out of millions of dollars in recent weeks, are not cause for "the sky is falling" alarm. She recommends key security steps to prevent further such incidents.
ISMG editors, in a special report, examine the status of data breach notification laws in a number of regions, including the European Union, which this past week implemented the General Data Protection Regulation, although enforcement won't take place for two years.
E-commerce retailers face an ongoing battle: Their websites are constantly hit by bots using stolen credentials to try to take over accounts. What can companies do to protect themselves? Akamai's Michael Smith offers advice.
As Europe counts down to implementing its General Data Protection Regulation, which will require EU-wide data breach notifications for the first time, similar efforts to enact a single federal law in the United States remain stalled.
LinkedIn failed to force all users to reset their passwords after a 2012 breach of at least 6.5 million credentials came to light. But it turns out the breach actually compromised 167 million accounts. Whoops.
For years, we have been talking about why corporate boards of directors should pay much greater attention to the issue of information security. Could a new cybersecurity assessment app help get board members involved?
Just six months after law enforcement agencies coordinated a takedown to disrupt online banking credential theft linked to the banking Trojan Dridex, the malware has re-emerged with new attack tactics and new targets, researchers say. U.S. bank accounts and businesses are now primary targets.
A report that the $81 million Bangladesh Bank heist was linked to customized malware has raised questions about the security of SWIFT transactions. But the more critical issue, fraud experts say, is the need for banks to have proper security controls in place to detect and prevent network intrusions.
What could be worse than a ransomware infection? How about getting infected by "torture ransomware" that uses a sadistic puppet to taunt you, slowly deleting your encrypted files while increasing the ransom demand until you pay?
Even with the exponential increase in what technology can achieve in fighting security threats and fraud, a recent discussion with practitioners suggests that insider risk remains the biggest issue giving practitioners sleepless nights.
Apple's QuickTime media player and web browser plug-in should be immediately expunged from all Windows systems, security experts warn, in a reminder of the dangers of using outdated software - especially web browser plug-ins.
Enacting legislation to compel tech companies to help law enforcement decrypt data on mobile devices would diminish America's standing as a moral leader in the world, a nation looked up to by billions of people, even with our many flaws.
Tools and techniques need to be identified to aid law enforcement in gathering evidence from devices, such as smartphones, while safeguarding the security and privacy of individuals. Can stakeholders find that middle ground?