A federal judge has cleared the way for a class-action lawsuit filed by card issuers against Home Depot over the retailer's massive 2014 payments breach to proceed. In making the ruling, the judge noted that the banks' allegations regarding the retailer's security negligence appear to have merit.
Australia has pledged to spend AU$230 million over the next four years to bolster the country's cybersecurity stance. But two academics argue Australia isn't spending enough compared to the U.S. and U.K. and remains dangerously underprepared.
MySpace has confirmed it is resetting millions of accounts affected by the release of 360 million usernames, email addresses and passwords. According to one expert, more of these types of big breach announcements may be coming.
IBM's Vaidyanathan Iyer says security practitioners need new tactics to bridge the skills gap and fight emerging threats. He suggests the use of analytics and machine learning would easily help fill the gap in detecting threats.
A breach of an online service used by travelers to book train tickets in the Australian state of New South Wales appears to be more serious than first reported, with authorities advising customers to keep an eye on their accounts.
A Bangladesh probe says that an insider may have assisted attackers in perpetrating the $81 million cyber heist against Bangladesh Bank. SWIFT has unveiled new security measures to help other banks, but security experts say more will be needed.
Don't blame a lack of information security standards, security products or cybersecurity competence for the failure of breach defenses. In many cases, the culprit is design and implementation flaws in IT products, Robert Bigman, former CIO at the CIA, contends.
Singapore is considering data privacy and protection legislation soon, owing to strong support from the industry's data privacy and protection leaders. The government seems to be studying EU's General Data Protection Regulation closely to incorporate some elements.
In the wake of reports that 65 million stolen credentials from micro-blogging platform Tumblr have surfaced online, following 117 million LinkedIn credentials, it's clear that 2016 is fast becoming the year of what one security expert dubs "historical mega breaches."
Cross-regional collaboration, biological cybernetics and active defense/deception technology where some of the forward-looking themes at the recent MESA event in Dubai. Here are some highlights from ground zero.
AusCERT, one of the oldest computer emergency response teams in the world, has created "Flying Squad," an agile, quick strike unit that helps organizations deal with the aftermath of a data breach. GM Thomas King discusses the unit.
Since California passed its pioneering data breach notification law in 2003, many other states and some countries have followed suit. Here's a closer look at the status of breach notification requirements in four regions.
The breach notification site LeakedSource claims that social networking website MySpace has been hacked, with 360 million credentials containing 427 million encrypted passwords compromised. But LeakedSource acknowledges the age of the credentials is unknown. And the veracity of the data remains in question.
Troy Hunt, who runs one of the most prominent services for discovering if your data has been exposed in a breach, shares his thoughts on LinkedIn's recent breach and how his approach to disseminating data breach details continues to evolve.
Start preparing immediately for the EU's new General Data Protection Regulation - even though it doesn't go into force for two more years - because it mandates a number of new privacy and security requirements, warns cybersecurity expert Brian Honan.