A cross-site scripting vulnerability at eBay.co.uk left an undetermined number of users susceptible to an attack that attempted to steal their credentials when they clicked on links within a listing offering a used iPhone for sale.
Recalling an up to 10-day delay in Homeland Security helping other agencies cope with the Heartbleed vulnerability, DHS's Phyllis Schneck champions FISMA reform legislation that would codify the department's role as guardian of civilian agency IT.
Israeli Prime Minister Benjamin Netanyahu may have been a bit premature to claim Israel has deployed a cyber "iron dome" to protect its critical IT and defense systems. But a new initiative under way will try to do just that.
C&K Systems, the vendor identified by Goodwill as the source of a breach that impacted about 330 of its stores, has confirmed details of the 18-month breach of its "hosted managed services environment" affecting three of its clients.
Experts review new allegations that have emerged about information security practices at Home Depot in the wake of the retailer confirming that it suffered a data breach resulting in the theft of an unknown quantity of credit and debit cards details.
Home Depot has confirmed a breach that potentially impacts customers in the U.S. and Canada. The latest infographic from DataBreachToday provides an overview about what we know so far.
JPMorgan Chase has confirmed that it "uncovered an attack by an outside adversary recently where the firm's technology environment was compromised." Find out the latest details.
Helping merchants deal with the growing threat of POS malware is one of the biggest challenges facing Troy Leach, CTO of the PCI Security Standards Council, who says the BlackPOS malware threat, in particular, "is keeping me up at night."
The Office of Personnel Management's decision to stop using U.S. Investigations Services for certain security clearance services, which came a month after a breach of company computers, could be as much a reflection on OPM as it is on USIS.
Recent hacking incidents affecting HealthCare.gov, Community Health Systems and other healthcare organizations illustrate the need to urgently ramp up defenses against emerging cyberthreats, two security experts say.
In hopes of getting stalled national data breach notification legislation moving in Congress, two senators have asked Home Depot and Apple Inc. to brief lawmakers on the circumstances behind their recent breaches.
Google says just 2 percent of the recent dump of nearly 5 million credentials to Russian cybercrime forums contained valid Gmail username and password combinations. But anyone who reused the same passwords on other sites remains at risk from hackers.
Amidst a year of high-profile and costly data breaches, what can organizations be doing to help ensure they aren't the next victims? Charley Chell of CA Technologies discusses new authentication solutions.
Security experts are advising Google users to change their passwords in the wake of almost 5 million usernames and passwords surfacing on Russian cybercrime forums. But some of the stolen data may be several years old.
Once the now-delayed HIPAA compliance audits resume, federal regulators will be conducting more on-site audits and fewer remote desk audits of covered entities and business associates than originally planned.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.