The Court of Justice of the European Union has ruled that the EU-U.S. Safe Harbor data sharing agreement is invalid because the United States has failed to safeguard Europeans' privacy rights. Legal experts say the judgment is a direct response to Edward Snowden's revelations.
As a result of Experian's data breach, 15 million T-Mobile subscribers are at risk from phishing attacks and fraud. But it's not clear what more T-Mobile can do to protect breach victims, says security specialist Mark James.
In the wake of the Oct. 1 EMV fraud liability shift date, U.S. merchants can expect to pay for counterfeit fraud losses previously absorbed by European issuers, says Jeremy King of the PCI Council. Longer-term, he expects European banks will experience more fraud as U.S. POS and card security leapfrogs other markets.
Discount brokerage firm Scottrade says hackers accessed its computer network and stole names and street addresses of millions of its clients. The firm says it learned of the intrusion from law enforcement officials.
Credit-rating provider Experian says a hack attack compromised a server storing sensitive personal information on millions of T-Mobile customers, including those requiring credit checks for service or device financing.
A Russian cybercriminal who used the Citadel banking Trojan to infect at least 7,000 PCs has received a 4.5 year jail sentence. Authorities tracked him in part thanks to his posts to a Citadel user group.
Reports that a Linux-based botnet has been lobbing 160 Gbps packet storms highlight how DDoS attacks remain alive and well. Experts also warn that DDoS attackers are mixing Windows and Linux malware and running extortion scams.
Even if China fails to live up to its promise to stop pilfering corporate trade secrets, as America's spy chief predicts, the U.S. could still benefit diplomatically from the two nations' cybersecurity agreement.
In addition to having a dedicated individual or team responsible for privacy matters, organizations must ensure their information security and IT staffs are knowledgeable about data privacy issues, says Trevor Hughes, CEO of the International Association of Privacy Professionals.
The commoditization of attack infrastructure and services in the cyber-criminal underground, and the low cost and ease of launching targeted attacks, are growing concerns that require new defense strategies, says Trend Micro's Raimund Genes.
Cybercrimnals are now using the Dyre and Dridex banking Trojans to gather massive amounts of data about individuals and companies that could enable them to track patterns of behavior, which might later help them evade intrusion detection, says Fox-IT's Eward Driehuis.
The hotel chain bearing 2016 U.S. presidential candidate Donald Trump's name has confirmed that its point-of-sale systems were malware-infected for more than a year, but it's downplaying the possibility that card data was exfiltrated or used to commit fraud.
Defeating biometrics-based security with far-fetched schemes, such as stealing or replacing eyeballs and fingertips, is a recurring theme in the movies. But real-world advances in authentication will help make it difficult to circumvent real-world security.
Europe's successful migration to EMV, which began more than a decade ago, employed deadline shifts, education for cardholders and merchants and an approach based on PIN codes. Here are lessons for the in-progress U.S. migration to EMV.
The U.S. and China, as part of a cybersecurity agreement, have agreed not to conduct or knowingly support cyber-enabled theft of intellectual property with the intent of providing competitive advantages to companies or commercial sectors.