Java users are being warned to only use newly released installers to avoid a nasty potential exploit. Meanwhile, a veteran bug hunter questions whether Oracle's move to ditch Java browser plug-ins will have a significant security upside.
The trend across industries is that automation results in a drastic reduction of operational job roles, even as it brings in economies of efficiency. What then does automation in security mean for the profession?
A new breach of customer accounts at luxury retailer Neiman Marcus is, once again, putting the spotlight on the vulnerabilities created by relying only on usernames and passwords for online authentication, and the risks posed by storing customer information.
"We never negotiate" might be the expectation whenever law enforcement or government agencies get targeted by criminals or even "cyberterrorists." But outside Hollywood, the reality too often turns out to be far less rigid.
Landry's Inc. now reveals the broad scope of point-of-service malware attacks against its restaurants and other properties dating back to 2014 and 2015. Experts discuss factors that could have contributed to the breaches.
Retailers have been at the center of high-profile breaches and an ongoing debate with banking institutions. But Brian Engle of the Retail Cyber Intelligence Sharing Center says cross-industry collaboration is helping retailers improve cybersecurity.
Financial losses tied to fraud against bank accounts increased about 12 percent from 2012 to 2014, but banks are not to blame. To the contrary, the ABA argues that banks are actually making significant strides in their fraud prevention efforts.
Global restaurant chain Wendy's is investigating a suspected data breach following fraud patterns tied to credit and debit cards used at some of its locations. Two card issuers confirm that they've seen signs of related fraud in some U.S. regions.
Cybercriminals are in mourning after the shocking announcement from Oracle that it will deep-six its beloved Java Web browser plug-in technology, owing to browser makers failing to support "standards based" plug-ins.
Extortion campaigns waged by cybercriminals are expected to become more damaging in 2016, putting additional pressure on CISOs to enhance protection of internal networks and educate employees about extortionists' techniques, says iSight Partner's John Miller.
Here's why the acquisition of rival threat-intelligence firm iSight Partners by breach investigation heavyweight FireEye makes sense, and why market watchers predict that other stand-alone intelligence firms will soon get snapped up.
Cyber insurance covers more than the cost of breaches of data privacy; it can play a role in protecting against the cost of a cyberattack that disrupts business operations, explains insurance specialist Tim Burke in this video interview.
A lawsuit filed against security firm Trustwave is raising questions about "PCI Professional Forensic Investigators" and how they are monitored by the PCI Security Standards Council. But experts say the onus is on companies, not the council, to ensure their security practices are adequate.