A security firm claims to have obtained from a young Russian hacker a data set that includes 272 million unique credentials for Hotmail, Gmail and Yahoo email addresses, among others. But there's no reason to panic, security experts say.
Five new payment card data security requirements for third-party service providers are among the most significant changes included in version 3.2 of the PCI Data Security Standard released April 28, says Troy Leach of the PCI Security Standards Council.
What could be worse than a ransomware infection? How about getting infected by "torture ransomware" that uses a sadistic puppet to taunt you, slowly deleting your encrypted files while increasing the ransom demand until you pay?
Apple's QuickTime media player and web browser plug-in should be immediately expunged from all Windows systems, security experts warn, in a reminder of the dangers of using outdated software - especially web browser plug-ins.
Tools and techniques need to be identified to aid law enforcement in gathering evidence from devices, such as smartphones, while safeguarding the security and privacy of individuals. Can stakeholders find that middle ground?
The keys to the digital kingdom are too easy to steal through malware and social engineering. What can security leaders do to help raise their organizations' level of privileged access management? Ken Ammon of CA Technologies offers insights in this video interview.
Who's right: Apple or the FBI? Our readers continue to debate a magistrate judge ordering Apple to help unlock an iPhone tied to a San Bernardino shooter, raising such issues as strong crypto, backdoors as well as legal and moral responsibilities.
Here's more evidence of how a data breach can have a major financial impact. The bill for U.K. telecom giant TalkTalk's October 2015 data breach could be as much as $94 million, and the incident resulted in the loss of 95,000 customers.
Security experts are warning that Chinese networking product manufacturer TP-Link has been shipping routers with a WiFi password that's based on their MAC address, thus making their passwords easy for would-be attackers to sniff.
Adobe is warning Flash users to update their software immediately in the wake of zero-day attacks that can enable attackers to take full control of vulnerable systems. This year, Adobe has patched 316 bugs in Flash. Is it time for the plug-in to die?
For years, information security experts have been warning users to create complex, unique passwords, and organizations to secure them properly. But an analysis of 12 million cracked Ashley Madison passwords shows how much we're still failing.
The U.S. payments infrastructure will come up far short of completing the rollout of EMV technology by the Oct. 1 fraud liability shift date. Experts say high costs, a perceived lack of consumer demand and doubts about EMV's ability to significantly reduce card fraud are to blame.
BlackBerry plans to buy mobile device management rival Good Technology for $425 million. BlackBerry must prep for a future in which it no longer manufactures hardware - and that's why this deal makes sense.
Security is a busy sector: Symantec jettisoned Veritas, Zscaler became a "unicorn" after its most recent funding round, and we have other M&A news from Cisco, Fidelity National Information Services and Proofpoint.
Although they apparently weren't caused by cyber-attacks, the impacts of computer failures at the New York Stock Exchange, United Airlines and the Wall Street Journal have much in common with the aftermath of breaches.