Attributing the Anthem, OPM and other breaches to specific attackers might be useful for government-level diplomatic efforts. But organizations must prioritize blocking all types of espionage and cybercrime attacks, says Symantec's Vikram Thakur.
The prices for stolen payment card data and other cybercrime products and services on Russian underground forums continue to fall. But the cybercrime ecosystem is more automated, effective and robust than ever, Trend Micro reports.
Just two weeks after an international, FBI-led operation disrupted the notorious hacking forum Darkode, leading to 70 arrests, a supposed site administrator has claimed the forum will reboot on the "dark Web." But security experts question those claims.
When Benjamin Wyrick of VASCO Data Security looks toward 2016, he sees financial institutions embracing new mobile banking apps that are at once convenient and secure. What are the keys to making his vision a reality?
A breach of patient data on a Web portal was discovered during a lengthy criminal investigation into a multi-million-dollar fraud scheme targeting Healthfirst, a New York-based managed care organization.
A new security alert from NCR Corp. warns that ATM skimming attacks in the U.S. are on an upswing. And as EMV migration efforts ramp up, experts say banks and credit unions can expect these attacks to continue to increase. But what can be done to mitigate the risk?
Visa's Eduardo Perez says one of the key merchant vulnerabilities his company is most concerned about is weak remote-access controls for point-of-sale systems and devices. He offers risk mitigation advice in this exclusive interview.
RSA Conference Asia Pacific and Japan, which wrapped up last week, was a successful reflection of this region's hottest security topics. Here are some of my own observations, as well as feedback from the attendees.
A lawsuit filed against information services firm Experian alleges the company failed to detect that a customer of its data aggregator unit was a fraudster. Could stronger customer vetting have prevented misuse of information?
The Ashley Madison dating website hack and threatened data release is a perfect illustration of the perils - and promise - of our Internet-connected, hacktivist age, whether it comes to online dating or the Internet of Things.
The U.S. Department of Justice has charged three men in a fraud scheme reportedly tied to hacks of JPMorgan Chase. Separately, two men are charged with running an unlicensed online bitcoin exchange used by Russian criminals.
The FTC says LifeLock has violated a 2010 settlement by continuing to make deceptive claims about its identity theft protection services. After the FTC made the announcement on July 21, Lifelock's stock value plummeted.
With so much stolen PII available to fraudsters, it's time for banks and others to move to more sophisticated forms of authentication of customers' identities. Knowledge-based authentication is no longer reliable.