Armed with stolen personal data, cybercriminals can easily bypass conventional identity authentication methods. So how can organizations strengthen authentication without harming customer experience? Shaked Vax of IBM Security shares insights.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
While PCI compliance is a priority for many U.S. retailers, some major companies in Australia say they'd rather forego the cost of compliance and risk the possibility of steep fines if a card breach occurs.
First the hackers came for our credit cards. Now they're taking control of our TVs. Witness the latest version of FLocker - for "frantic locker" - which is designed to lock Android devices, including smart TVs.
"We never negotiate" might be the expectation whenever law enforcement or government agencies get targeted by criminals or even "cyberterrorists." But outside Hollywood, the reality too often turns out to be far less rigid.
Sometimes language barriers can be a good thing: Many malware-wielding cybercriminals have historically targeted users in North America and Europe over Japan, owing to linguistic challenges. But that's changing.
Here's why the acquisition of rival threat-intelligence firm iSight Partners by breach investigation heavyweight FireEye makes sense, and why market watchers predict that other stand-alone intelligence firms will soon get snapped up.
Attorneys general in nine states say card issuers should move to chip-and-PIN, rather than chip-and-signature, as they roll out EMV. But are other issues, such as wider use of encryption and tokenization, more worthy of attention?
ATM fraud losses are increasing globally, and we can expect to see this trend continue as the U.S. ramps up its migration to EMV at the point of sale. Unattended terminals are easy to compromise, and they will always be among fraudsters' favorite targets.
MasterCard is testing a smartphone app that lets users approve online transactions using facial recognition, via the equivalent of taking a selfie. But could such technology be spoofed, and will it reduce card fraud?
Breached dating website FriendFinder allegedly missed email warnings from security researchers that its site had been breached and customers' data was being sold on a "darknet" site. What can other businesses learn from that apparent mistake?
Israeli Prime Minister Benjamin Netanyahu may have been a bit premature to claim Israel has deployed a cyber "iron dome" to protect its critical IT and defense systems. But a new initiative under way will try to do just that.
If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
An analysis of the Target breach prepared for a Senate committee is a political document that might help its patron's agenda but doesn't go far enough to identify technical solutions to help enterprises avoid Target-like breaches.