Determining the impact in India of the WannaCry worldwide ransomware epidemic is challenging because so few organizations routinely report security incidents, says Shree Parthasarathy of Deloitte India, who hopes the incident will serve as a catalyst for enhanced cybersecurity.
Cyber threats pose a risk to federal agencies accomplishing their designated missions. By following best practices to simplify security intelligence, an agency reduces the burden on its security operations team and allows technology to do the work of surfacing and responding to cybersecurity threats.
Travel industry software giant Sabre has alerted hotels that its software-as-a-service SynXis Central Reservations system - used by more than 36,000 properties - was breached and payment card data and customers' personal details may have been stolen.
In the wake of fraud reports, Blowout Cards has issued a security alert to customers, warning that an attacker hacked its website and installed a PHP file designed to skim payment card details at the time of purchase.
Free advice for breached businesses: Once you admit that you've suffered a data breach or that you're investigating a security incident, disseminate that message far and wide so no one can accuse you of trying to cover it up. That's the lesson from an incident at BlowOut Cards, a sports card trading site.
So-called "trust attacks" aren't waged for financial gain. They're waged to compromise data, data integrity and to expose sensitive information. Why Darktrace CEO Nicole Eagan says trust attacks will be among our greatest IoT worries in 2017.
Intercontinental Hotels Group says that in addition to 12 hotels that it directly manages suffering a point-of-sale malware outbreak that began in 2016, 1,200 IHG-branded franchise hotel locations in the United States were also affected.
Luxury clothing retailer Neiman Marcus has disclosed that a December 2015 breach compromised more sensitive information than first thought. It also disclosed a fresh attack in January that exposed names, contact information, email addresses and purchase histories.
IT security leaders deploy enterprise data loss prevention (DLP) for three major use cases: regulatory compliance, intellectual property protection and increased visibility into how users treat sensitive data. New research evaluates DLP products for these three use cases, based on nine critical...
Bryce Austin is a certified chief information security manager who weathered the storm as a senior group manager at Target during the retailer's November 2013 breach - a breach that resulted in the exposure of 40 million payment cards and personally identifiable information linked to an additional 70 million...
Not too fast, not too slow. Notwithstanding regulations and contractual obligations, that's legal and security experts' consensus on how quickly organizations that suspect they've been breached should notify individuals whose information may have been exposed.
A look at experts promoting blockchain as a secure way to share cyberthreat information leads the latest edition of the ISMG Security Report. Also, how sound waves pose a threat to IoT devices, smartphones and medical devices.
With apologies to Troy Hunt, the last thing you want to see in the morning as you're having your first cup of coffee and scanning the interwebz for cat videos is a notice from his "Have I Been Pwned" breach-alert service.
Payment-terminal maker VeriFone Systems says that attackers managed to access its corporate network in January, but that the intrusion and related breach was limited, has been contained and that any fallout appears to be minimal.
The Reserve Bank of India has mandated that all banks must report all unusual cyber incidents within two to six hours to enable issuing suitable cautionary advisories to other banks. Experts discuss the challenges financial institutions will face in complying with the new requirement.