The U.S. payments infrastructure will come up far short of completing the rollout of EMV technology by the Oct. 1 fraud liability shift date. Experts say high costs, a perceived lack of consumer demand and doubts about EMV's ability to significantly reduce card fraud are to blame.
If the Chinese government hacked the U.S. Office of Personnel Management for espionage purposes, then the U.S. government's $133 million contract to provide ID theft monitoring services is a waste of money. Instead, the agency could have used the funds to safeguard its systems against future attacks.
Security experts trace many of the world's cybercrime attacks to Russia. But Russian authorities never extradite suspects, and they allow hackers to operate with impunity - if they play by some ground rules.
Security leaders must embrace new approaches to digital business in managing and mitigating enterprise risk. This was the key theme of Gartner's Security and Risk Management Summit - the first of its kind for India.
BlackBerry plans to buy mobile device management rival Good Technology for $425 million. BlackBerry must prep for a future in which it no longer manufactures hardware - and that's why this deal makes sense.
Mozilla, which maintains the Firefox browser, says an attacker infiltrated its bug-tracking tools, stole information on an unpatched flaw, and exploited users for at least three weeks, before the flaw was patched.
More hackers are exploiting remote-access and network vulnerabilities, rather than installing malware to invade networks and exfiltrate data, says Dell SecureWorks' researcher Phil Burdette. That's why conventional breach-detection tools aren't catching the intrusions.
International law enforcement agencies are warning banking institutions and businesses about extortion attacks being waged by an entity known as DD4BC, or DDoS for Bitcoin. They're advising organizations not pay any ransom and to notify their ISPs and law enforcement officials of any threats.
Underground cybercrime forums continue to evolve, offering services ranging from cybercrime toolkits and money laundering to bulletproof hosting and a service that reviews exfiltrated data for corporate secrets, says cybersecurity analyst Tom Kellermann of Trend Micro.
The departure of Noel Biderman as CEO of Avid Life Media, parent company of the infidelity website Ashley Madison, represents a growing recognition of corporate executives' responsibility for data security.
Beyond APT30, another advanced threat group appears to be at work in India and the SEA region, targeting critical information assets. However, APT resiliency is not yet a part of the security lexicon, experts say.