Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
From PCs to tablets to smartphones, customers enter institutions from all electronic angles. And these new banking habits put new strains on traditional IT infrastructure. How can banks ensure security?
Foreign spy agencies have powerful incentives to hack U.S. government IT systems, and that won't change, experts say, as they react to suspected Chinese involvement in the breach of National Oceanic and Atmospheric Administration websites.
Microsoft has issued a patch to correct a critical vulnerability in Schannel, which encrypts transactions on most Windows platforms. The bug is "concerning" for organizations running the service, some experts say, comparing it to the Heartbleed flaw.
Security researchers recently uncovered a new version of the Backoff POS malware, which offers several new features that make it tougher to eradicate. This infographic offers a roundup of a number of significant recent malware developments.
FireEye is warning Apple users about a flaw in which downloaded malicious apps can replace genuine iOS apps, an exploit the security firm is dubbing the "Masque Attack." Experts offer insights on mitigating the threat.
MasterCard is testing a biometric wristband that authenticates a user's identity for payment card transactions by monitoring their heartbeat. Payment experts weigh in on whether the technology has the potential for widespread use in preventing card fraud.
U.S. and European law enforcement officials have arrested 17 alleged vendors and operators of illegal "Darknet" online marketplaces, shuttered 410 websites - including Silk Road 2.0 - and seized narcotics and $1 million in bitcoins.
A hotel booking website hack - resulting in stolen payment cards - triggers a regulator's warning that businesses still need to pay close attention to eliminating SQL injection vulnerabilities from their websites and emphasizing secure coding.
In addition to 56 million payment cards being compromised in the Home Depot data breach, approximately 53 million e-mail addresses also were stolen, the retailer reported in an investigation update on Nov. 6.