FireEye is warning Apple users about a flaw in which downloaded malicious apps can replace genuine iOS apps, an exploit the security firm is dubbing the "Masque Attack." Experts offer insights on mitigating the threat.
MasterCard is testing a biometric wristband that authenticates a user's identity for payment card transactions by monitoring their heartbeat. Payment experts weigh in on whether the technology has the potential for widespread use in preventing card fraud.
Poor post-breach communication can cause as much damage to a company's reputation as the cyber-incident itself, says Al Pascual, a senior analyst at Javelin Strategy & Research, who will speak at ISMG's Fraud Summit Dallas.
Troy Leach of the PCI Security Standards Council says log monitoring is an effective data breach detection tool that, unfortunately, not enough merchants put to use. He explains how upcoming PCI guidance could help with implementation.
A hotel booking website hack - resulting in stolen payment cards - triggers a regulator's warning that businesses still need to pay close attention to eliminating SQL injection vulnerabilities from their websites and emphasizing secure coding.
In addition to 56 million payment cards being compromised in the Home Depot data breach, approximately 53 million e-mail addresses also were stolen, the retailer reported in an investigation update on Nov. 6.
The new director of Britain's eavesdropping agency, GCHQ, has blasted U.S. technology firms, arguing that - intentionally or not - they're "the command-and-control networks of choice for terrorists and criminals."
JPMorgan Chase in September confirmed that it was the victim of a cyber-attack that compromised customer information. This infographic provides an overview of what we know so far and what questions remain unanswered.
The National Institute of Standards and Technology has released a draft of guidance aimed at helping government agencies and businesses establish, participate in and maintain cyberthreat information sharing relationships.
The debate between leading retail and banking associations over accountability for card fraud has heated up in recent weeks. One retail group now says claims about merchant security and fraud liability have been misstated.
Automated attacks have potentially compromised the majority of websites that run the Drupal content management system, giving attackers platforms for launching malware, DDoS attacks and spam, according to the Drupal security team.
Air-gapped networks promise security by disconnecting PCs from the Internet. But graphics cards in malware-infected systems attached to air-gapped networks can be made to broadcast data via FM radio to nearby smart phones, researchers warn.
In this post-Target era of "It's not a matter of if, but when," how prepared is your organization for a data breach? Michael Buratowski of General Dynamics Fidelis Cybersecurity Solutions offers tips for breach planning and response.