Cybercriminals broke into the payment card processing system used by the Madison Square Garden Co., owner of Radio City Music Hall and other iconic entertainment venues, harvesting payment card details for nearly a year.
European banks have seen a new wave of ATM jackpotting attacks, where machines are commanded by malware to spit cash into the waiting hands of criminals, according to a new report. But why is this report being cautiously received?
Security vendor Symantec plans to integrate identity theft protection services into its product offerings with its just-announced $2.3 billion pending acquisition of LifeLock, which has 4.4 million customers.
So, if 2016 was the year when mobile security threats finally started to materialize and mature, what can we expect to see in 2017? Tom Wills of Ontrack Advisory shares insight on the mobility threatscape and new enterprise solutions.
After complaints from merchants and an update from the Fed, Visa has modified debit routing rules, noting that merchants can route U.S. EMV debit transactions through any of more than a dozen available networks, and not just Visa's. The move could have implications for chip-and-PIN use.
Now that electronic health records have been widely adopted, the Department of Health and Human Services must do more to promote the exchange of complete, accurate and timely information, subject to appropriate privacy and security safeguards, according to a new federal watchdog report.
Three Mobile, one of the largest U.K. mobile providers, saw more than 132,000 accounts breached in a scam in which fraudsters ordered new devices for customers and then tried to intercept the deliveries.
Retail groups are asking Visa to clarify how it plans to level the playing field for EMV adoption in the U.S. - especially for routing EMV debit payments. In an interview, Mark Horwedel of the Merchant Advisory Group explains MAG's objections to Visa limiting merchants' transaction options for debit payments.
Vulnerable firmware has been highlighted again in a range of low-cost Android phones, raising concerns over their security. This latest incident comes 11 months after security analysts first raised flags.
Cloud-based services can be both a "blessing and curse" when it comes to dealing with security, says John Houston, CISO and associate counsel for the University of Pittsburgh Medical Center, who explains why in this video interview.
To combat breaches involving insiders, organizations need to limit employees' access to data and more closely monitor access activity, security expert David Gibson of Varonis says in this video interview.
Highlighting the latest ISMG Security Report: National Institute of Standards and Technology's Ron Ross explains how a new approach employing engineering principles can be used to build secure, trustworthy systems. Also, when a ransomware attack is deemed a breach.
Last month, the FFIEC issued an FAQ about its Cybersecurity Assessment Tool, reiterating that use of the tool is voluntary. But some critics say regulators are still questioning institutions about their use of the tool during IT examinations, meaning its use is not truly voluntary.
Most - but not all - ransomware attacks against healthcare organizations are reportable breaches requiring notification to affected individuals and federal regulators, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains in this video interview.