Google Project Zero researcher Tavis Ormandy has once again found major vulnerabilities in Symantec's security products. Symantec has released updates, but not all will install automatically - some vulnerable products must be manually updated.
An individual claiming to be the hacker who posted four healthcare databases on the dark web reveals some of his tactics. We take a close look at the risks posed to one affected clinic, which faces a ransom demand.
Warning to parents and guardians: Beware of collecting, storing or sharing your child's biometric information - including fingerprints and DNA - even if you're creating a so-called "Child ID Kit," because the data is a natural target for identity thieves.
Bangladesh Bank has opted to not extend a contract with the incident response team that it hired to investigate the theft of $81 million via fraudulent SWIFT messages. Meanwhile, similar hack attack tactics have apparently been used to steal $10 million from an unnamed bank in Ukraine.
Britain's surprise vote to "Brexit" the European Union leads the ISMG Security Report. Also hear analysis on a cybercrime forum selling remote server access; Comodo being in hot water by saying "let's encrypt"; and why Facebook CEO Mark Zuckerberg covers his webcam with tape.
Achieving international acceptance of PCI-DSS is an ongoing challenge, says Jeremy King, international director of the PCI Security Standards Council, who's working to educate merchants about baseline security that goes far beyond cardholder data protection.
"Brexit" means that British law enforcement agencies will likely have a harder time taking a bite out of cybercrime as well-regarded intelligence-sharing relationships get severed and must be renegotiated.
Comodo made no new friends last week when it claimed that a nonprofit project, Let's Encrypt, stole its business model. Now, the digital certificate giant says it will not pursue applications aimed at securing trademarks using the phrase "Let's Encrypt."
While PCI compliance is a priority for many U.S. retailers, some major companies in Australia say they'd rather forego the cost of compliance and risk the possibility of steep fines if a card breach occurs.
In this edition of the ISMG Security Report, you'll hear reports on the U.S. government nabbing healthcare fraudsters; federal agencies at risk of exposing highly sensitive data; and the hacking of brokerage accounts.
In the wake of a majority of British voters opting to leave the European Union, the U.K. Information Commissioner's Office argues that the country should still comply with the EU's data privacy rules. But will politics get in the way?
Security leaders say data science is becoming the building block of contemporary security solutions, showing great promise for developing necessary cyber defences. But where and how is data science best deployed?
Reacting to strong complaints from retailers, three major card brands have finally taken steps toward reducing the amount of counterfeit fraud chargebacks to U.S. merchants, which began as a result of the EMV fraud liability shift last October. But was the action by the brands bold enough?
The U.S. Securities and Exchange Commission has obtained an emergency court order to freeze the assets of U.K. citizen Idris Dayo Mustapha, who it accuses of hacking into individuals' brokerage accounts to engineer and profit from stock price fluctuations.
RBI Governor Raghuram Rajan's decision to step down at the end of his term in September has provoked interesting discussions within the security fraternity. Leaders believe he has been instrumental in setting a new cybersecurity vision for the banking sector