Retailer Neiman Marcus suffered a setback in its attempt to win dismissal of a class-action lawsuit related to its 2013 breach. A federal court ruled that the suit can continue. But will the decision create a significant legal precedent?
The Ashley Madison dating website hack and threatened data release is a perfect illustration of the perils - and promise - of our Internet-connected, hacktivist age, whether it comes to online dating or the Internet of Things.
RSA Conference Asia Pacific & Japan kicked off in Singapore with some power-packed keynote sessions by security leaders. Here are some of my first impressions about the tone set for the event and the days to follow.
RSA Conference Asia Pacific and Japan starts July 22, and ISMG will be reporting to you from the conference floor. Here is our selection of some of the hottest sessions from the event agenda.
With so much stolen PII available to fraudsters, it's time for banks and others to move to more sophisticated forms of authentication of customers' identities. Knowledge-based authentication is no longer reliable.
After jumping by 33 percent in 2014, the number of Americans who consider themselves IT security professionals has remained flat for the first half of 2015, according to an examination of federal government employment data. That's bad news for employers seeking IT security pros to hire.
Shed a tear for enthusiasts of aging Microsoft Windows operating systems. That's because Microsoft has now retired Windows Server 2003 support, as well as anti-virus scanner and signature updates for Windows XP. But breaking up can be hard to do.
Is it wrong that accused Lizard Squad hacker Julius Kivimaki, a teenager who was convicted of 50,700 "instances of aggravated computer break-ins" attacks, gets to walk away without having to serve any jail time?
Tools to build and manage the ZeusVM banking Trojan have been leaked online, meaning that both die-hard and would-be criminals alike can now try their hand at running botnets, for free.
Although they apparently weren't caused by cyber-attacks, the impacts of computer failures at the New York Stock Exchange, United Airlines and the Wall Street Journal have much in common with the aftermath of breaches.
PCI-DSS will remain a viable standard even after EMV, as well as encryption and tokenization, become more common, argues Jeremy King of the PCI Council. He acknowledges, however, that the standard will have to evolve in light of changes in the payment system.
Soon, ongoing and persistent attacks waged for cyber-espionage and the compromise of personal and corporate information will be primary concerns for the financial services industry.
As federal lawmakers return this week from their Independence Day recess, Congress picks up where it left off before the break: holding hearings on the Office of Personnel Management breach that exposed the personal records of millions of government workers.
MasterCard is testing a smartphone app that lets users approve online transactions using facial recognition, via the equivalent of taking a selfie. But could such technology be spoofed, and will it reduce card fraud?
The PCI Security Standards Council has just released version 2 of its point-to-point encryption standard. Jeremy King of the PCI SSC explains how this optional standard can complement PCI-DSS compliance.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.