The advanced and persistent nature of today's cyber-attacks, which are often waged by nation-states, is changing the way organizations address network security, says BitSight CEO Shaun McConnon.
The DNS infrastructure underlying the Internet is the map that both the good guys and bad guys need. Dr. Paul Vixie, a member of the Internet Hall of Fame, discusses DNS' impact on the security landscape.
New, advanced point-of-sale malware dubbed "Poseidon" can exfiltrate card data directly from every infected device. And security experts warn that too many retailers fail to test POS devices and segment networks to mitigate all malware threats.
Troy Leach of the PCI Security Standards Council says data security standards are not failing; they just aren't being applied continuously. And conformance with the Payment Card Industry Data Security Standard is just one piece of the puzzle.
As financial institutions update their defenses in light of new types attacks - from scams to network-penetrating cyber-attacks - they need to ensure they factor in all of the ways that their systems and employees might be targeted or manipulated.
Declaring a national emergency over hack attacks, President Obama signed an executive order authorizing the government to impose sanctions on hackers. But information security experts voice questions - and concerns.
Businesses targeted by ransomware attacks are increasingly willing to negotiate with - and even pay - their extortionists. But negotiating with cyberthieves is never a good idea.
Some legal and security experts are questioning the potential effectiveness of President Obama's new executive order that allows the U.S. government to block or seize the assets of individuals suspected of launching significant cyber-attacks
As more mega-breaches occur, cyber-insurers will more closely assess the security risks of potential clients, leading more organizations to improve their information security programs, attorney John Yanchunis predicts.
The FFIEC warns U.S. financial institutions that they're at increased risk from attacks that are designed to harvest large amounts of credentials, as well as from destructive "wiper" malware attacks.
Slack Technologies, a tech start-up that offers a group chat tool, announces it's rolling out two-factor authentication after hackers breached a database of user profile information.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
Target Corp.'s pending settlement of a consumer class action lawsuit is more about public relations than compensating victims, some observers say. But will it have an impact on a pending suit filed by banks?
A federal judge has granted preliminary approval of a $10 million settlement of a consolidated class action lawsuit filed on behalf of consumers affected by the massive 2013 Target data breach.
Web.com won't confirm or deny that its Register.com subsidiary, which manages more than 2 million domain names, has been breached. But a news report claims the FBI is investigating a year-old intrusion.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.