A recent interview about why retailers say EMV without the PIN is a fruitless fraud-fighting effort has spurred debate among retailers and bankers. In the end, though, bankers' resistance to PIN is all about time and money.
Financial services company Morgan Stanley has fired an employee who it claims stole account data for hundreds of thousands of clients and posted a small subset of it online. Find out how many clients were affected.
Microsoft says it's prepping a patch for a Windows vulnerability that was recently disclosed by Google. The search giant's 90-day deadline for vendors to patch bugs has drawn both condemnation and praise from the information security community.
Spear phishing is going to be a leading worry for banks in 2015, as hackers increasingly target bank employees to compromise credentials used to access consumer and business accounts as well as critical servers and systems.
"Cybercrime as a Service" is the latest threat evolution, and traditional defenses continue to fall short. Derek Manky of Fortinet discusses the merits of information sharing and the new Cyber Threat Alliance.
Once a file enters the network, we often lack the tools to monitor the file's behavior. In essence, using the point-in-time model, the security professional cannot retry the file for guilt or innocence.
A new report now claims the breach at JPMorgan Chase is linked to a server the bank's security team overlooked when upgrading to two-factor authentication controls. Why that oversight and a well-planned spear-phishing attack were all hackers needed.
The response by Sony Pictures Entertainment executives to the hack attack against their company provides a number of great examples for how to not to handle a data breach. Here are 7 key mistakes they made.
Researchers are alarmed about the increasing sophistication of crimeware-as-a-service, an underground business model that pushes adaptable malware from a botnet. How can banking institutions defend their accounts?
A report claiming that Las Vegas Sands Corp. was hit with a "wiper" malware attack back in February, similar to one that recently affected Sony Pictures Entertainment, illustrates why more organizations need to mitigate the risks of such an attack.
A recent blog post by Managing Editor Mathew J. Schwartz, "Why Are We So Stupid About Passwords?" raised a number of issues about the ongoing risks involved in using passwords for authentication. Read the strong reaction to the commentary and join the conversation.