In the three years since Equifax suffered a massive data breach, the consumer credit reporting firm says it has worked tirelessly to overhaul the security shortcomings that allowed the breach to happen. Equifax CISO Jamil Farshchi and other security experts weigh in on important lessons learned.
Ransomware continues to pose a "significant" threat, and email remains one of the top attack vectors being used by both criminals and nation-states, Australia's Cyber Security Center warns in its latest "Cyber Threat Report," which urges organizations to improve their defenses.
The eHealth Initiative and the Center for Democracy and Technology are seeking feedback on their draft privacy framework that addresses gaps in legal protections for consumer health data falling outside of HIPAA's regulatory umbrella, says eHI CEO Jennifer Covich Bordenick.
European banks are not ready to meet the Dec. 31 deadline to comply with the PSD2 regulation, which requires strong customer authentication when providing API access to banking platforms, says Dr. Steven J. Murdoch, a principal research fellow at University College of London.
The number of cybersecurity incidents reported to the U.K.'s data privacy watchdog has continued to decline, recently plummeting by nearly 40%. But is the quantity of data breaches going down, or might organizations be failing to spot them or potentially even covering them up?
The Reserve Bank of India's draft of a framework for new self-regulatory organizations, including one that would help oversee payment system operators, fails to adequately address security issues, some observers say.
Increasing stress levels for cybersecurity professionals pose a serious organizational security risk, says Neal O'Farrell, founder of the PsyberResilience Project, a mental health advocacy group.
Contact-tracing apps are continuing to take shape around the world as the COVID-19 pandemic continues. Using privacy-by-design principles is critical to building trust in these apps, says privacy expert Ann Cavoukian.
Message to anyone who placed or fulfilled an order via the world's largest darknet market, Empire, in recent weeks: Say bye-bye to your cryptocurrency. It's increasingly clear that Empire's administrators "exit scammed," closing up shop and leaving with a horde of digital currency.
A cybercriminal gang dubbed "UltraRank" that has planted malicious JavaScript code in hundreds of e-commerce websites around the world over the last five years to steal payment card data also takes the unusual step of selling the data on its own, the security firm Group-IB reports.
A hybrid workforce, heightened insider risk, 5G concerns over the expanded attack surface - these are the "more" that people reference when they talk about "doing more with less" in 2021. A CEO/CISO panel discusses how security leaders prioritize budget allocations for these concerns.
Warning: Hackers are actively attempting to exploit two zero-day flaws in the IOS XR Cisco operating system that runs its carrier-grade routers. Cisco has described ways to partially mitigate the vulnerabilities while it preps patches.
Blackbaud is one of a growing number of organizations that say they paid ransomware attackers primarily for their promise to delete exfiltrated data. A class action lawsuit filed against the software vendor in the wake of its breach notification questions whether attackers' promises have any merit.
A global phishing campaign that purports to offer information about surgical masks and other personal protective equipment for use during the COVID-19 pandemic is infecting victims' devices with the AgentTesla remote access Trojan, according to researchers at Area 1 Security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.