The chairman of the Securities and Exchange Commission, Jay Clayton, promised the Senate banking committee Tuesday that his agency is pursuing numerous cybersecurity improvements in the wake of a May 2016 breach.
The perimeter continues to dissolve, and the definition of endpoint is evolving, according to results of the SANS 2016 Endpoint Security Survey, now in its third year. In it, respondents say their organizations continue to connect new and different types of endpoints, including point-of-sale (POS) devices, printers,...
Infirmary Health System is the largest non-government healthcare team in Alabama, treating more than 100,000 patients annually. The organization deployed a security solution to qualify for meaningful use dollars and reduced security incidents significantly.
Download this case study and learn:
Why Infirmary Health...
The chairman of the U.S. Securities and Exchange Commission will face the Senate Banking Committee next week following the agency's belated disclosure that in May 2016, hackers stole secret market data from the SEC's systems and apparently used it for "illicit gain through trading."
In today's dynamic threat landscape, "real-time" is the operative phrase - and it needs to apply both to threat detection and incident response, says Tim Bandos of Digital Guardian. What are the required security controls and tools?
Hackers behind the mega-breach at Equifax stole data in May, but they - or other attackers - penetrated the credit bureau's systems in March, exploiting a vulnerability for which Apache Struts had issued a patch, just four days prior.
The arrest of 10 men in Uttar Pradesh for allegedly cloning fingerprints of authorized Aadhaar enrollment officers is once again stirring debate over whether it's wise for India to rely so heavily on Aadhaar for authentication.
Equifax made an error that led to one of the largest and most sensitive data breaches of all time, and the mistake was elementary: The credit bureau failed to patch a vulnerability in Apache Struts - a web application development framework - in a timely manner.
Equifax has a new problem on its hands: Argentina. Investigators with security consultancy Hold Security discovered that Equifax's Argentina website exposed national identity numbers for at least 14,000 citizens. But the information exposure may be far more extensive.
A 10-digit PIN used by consumers to freeze access to credit reports with Equifax is based on dates and times, several observers have noticed. Equifax says it plans to change how the PIN is generated, but experts say it's another troubling development for a troubled company.
Two Russian hackers, members of a group called "Shaltay-Boltai" - Humpty Dumpty in Russian - that stole and sold high-level Russian officials' emails, have been sentenced to serve three years in prison. The case against them may tie to a high-profile Russian treason investigation.
Instagram is warning that more users were affected by a hack of its systems than it first suspected. While email addresses - and some phone numbers - for celebrities, including Emma Watson and Lady Gaga, appear to have been compromised, 6 million account holders in total may have been affected.
The FBI has arrested Chinese national Yu Pingan on charges that he was a "malware broker" for a remote-access Trojan called Sakula that was used in the massive breaches of Anthem and the U.S. Office of Personnel Management, among other organizations.
Researchers claim that the startup company Creditseva, which helps individuals manage credit profiles, left client data exposed, but the company says there was no "breach." Security experts discuss the security challenges faced by startup companies.