Mandarin Oriental Hotel Group and Natural Grocers are two of the latest merchants to confirm breaches of their point-of-sale systems. Security experts analyze the impact these breaches are likely to have on issuers and cardholders.
As part of its biggest reorganization in its nearly seven-decade history, the Central Intelligence Agency is creating a Directorate of Digital Innovation that will use cyber technology to amass and analyze intelligence.
All Windows operating systems are at risk from the SSL/TLS vulnerability known as Freak, Microsoft warns. The company has outlined temporary workarounds - except for Windows Server 2003. Experts say no in-the-wild attacks have yet been seen.
British police over the course of this week launched 25 cybercrime-targeting raids and made 57 arrests, including suspects who have been tied to a U.S. Defense Department network intrusion, Lizard Squad attacks, as well as a massive Yahoo breach.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
Many Apple and Android devices are vulnerable to a TLS/SSL "Freak" flaw, which could be exploited to subvert secure Web connections. The flaw is a legacy of U.S. government export restrictions on strong crypto.
Banking institutions' technical and procedural shortcomings pose increasing risks to the nation's critical infrastructure, two banking regulators note. Learn why they say more transaction monitoring and information sharing are needed.
Canadian Internet service provider Rogers Communications has confirmed that information about the company and its customers was leaked after attackers successfully targeted one of its employees via a social engineering attack.
New exploits linked to Apple Pay aren't compromising the mobile device's security, but instead are taking advantage of lax authentication practices used by banking institutions to verify cards that are loaded to the iPhone for Apple Pay purchases.
Information on 50,000 drivers for ride-sharing service Uber was breached in May 2014, the company discovered in September and announced on Feb. 27. Uber has launched a related lawsuit and is seeking records from code-sharing website GitHub.
Congress, at the 11th hour, passed a bill to fund the Department of Homeland Security for the next seven days, averting for now a partial shutdown that would have curtailed some cybersecurity programs.
Lenovo, the world's largest PC manufacturer, promises to stop preinstalling any software on its Windows laptops that doesn't need to be there. The move comes following security alerts relating to the Superfish adware the company had been preinstalling.
SIM card manufacturer Gemalto says its investigation into a reported U.S. and U.K. intelligence agency espionage operation found that its internal networks housing encryption keys weren't breached. But security experts question those findings.