French authorities continue to investigate the Jan. 7 attack in Paris that claimed the lives of a dozen, including journalists and police officers. Information security experts say that cyber-forensic skills are crucial for finding the perpetrators.
A recent interview about why retailers say EMV without the PIN is a fruitless fraud-fighting effort has spurred debate among retailers and bankers. In the end, though, bankers' resistance to PIN is all about time and money.
The Reserve Bank of India is considering removal of its two-factor authentication requirement for small-value transactions. The goal: to facilitate easier transactions. But security experts fear the move may actually increase fraud.
Microsoft says it's prepping a patch for a Windows vulnerability that was recently disclosed by Google. The search giant's 90-day deadline for vendors to patch bugs has drawn both condemnation and praise from the information security community.
Spear phishing is going to be a leading worry for banks in 2015, as hackers increasingly target bank employees to compromise credentials used to access consumer and business accounts as well as critical servers and systems.
At least 12 million home and small-office routers from 50 manufacturers have a flaw that an attacker could remotely exploit to seize control of the device, steal data and redirect users to attack sites, warns security vendor Check Point.
After the complete collapse of network security at Sony Pictures - in the wake of its data breach - it's important that we highlight some of the organization's fundamental security mistakes. Here's a macro view of the lessons we must all learn.
In the wake of a data breach that followed a routine regulatory, a former regulator is asking why the agency failed to disclose the breach sooner, and why it has not accepted more responsibility for its error.
Once a file enters the network, we often lack the tools to monitor the file's behavior. In essence, using the point-in-time model, the security professional cannot retry the file for guilt or innocence.
A new report now claims the breach at JPMorgan Chase is linked to a server the bank's security team overlooked when upgrading to two-factor authentication controls. Why that oversight and a well-planned spear-phishing attack were all hackers needed.
The response by Sony Pictures Entertainment executives to the hack attack against their company provides a number of great examples for how to not to handle a data breach. Here are 7 key mistakes they made.
When you're thinking about securing your data assets and web site, how do you really know the value of what you're protecting? Akamai's Terrence O'Connor shares how to determine the cost of a data breach.
Richard Spurr has been CEO of security vendor ZixCorp for more than 10 years. How has his approach to e-mail security evolved, and how does he see evolving threats and the marketplace changing in the year ahead?
Researchers are alarmed about the increasing sophistication of crimeware-as-a-service, an underground business model that pushes adaptable malware from a botnet. How can banking institutions defend their accounts?