To the list of vulnerable, Internet-connected devices - from routers and home alarms to baby monitors and toys - now add the world's most popular electric car: the Nissan LEAF. Nissan says a full fix is forthcoming.
As a result of high-profile breaches, emerging malware threats and increased regulatory scrutiny, CISOs at financial institutions are under more pressure than ever to develop innovative strategies for enhancing cybersecurity. And the CISO's evolving role will be a hot topic at RSA Conference 2016.
Think it's tough now for the government to compel Apple to retrieve encrypted data from a locked iPhone? According to news reports, Apple is busy creating new devices and services that will be even harder to hack.
The PCI Security Standards Council will soon release an update to its PCI Data Security Standard, requiring the use of multifactor authentication for administrators who have access to card data networks. In an interview, the council's Troy Leach explains the new requirements and compliance expectations.
Who's right: Apple or the FBI? Our readers continue to debate a magistrate judge ordering Apple to help unlock an iPhone tied to a San Bernardino shooter, raising such issues as strong crypto, backdoors as well as legal and moral responsibilities.
Apple is preparing for a long legal battle over the FBI's attempt to backdoor the encryption on an iPhone seized as part of an investigation. Experts say the case could have profound repercussions on technology and society.
The Department of Homeland Security issues new guidelines to expedite the sharing of cyberthreat information between the government and businesses. See specific examples on how information sharing works.
An alleged hacktivist suspected of launching a DDoS attack on a children's hospital has been arrested and charged after he and his wife were rescued at sea by a Disney cruise ship off the coast of Cuba. Will this case have a storybook ending?
Federal regulators have issued new guidance to clarify scenarios where HIPAA privacy and security regulation might apply, including for mobile health applications and electronic data exchange. Why are some organizations still so confused?
How will federal banking regulators respond to growing criticism of the FFIEC's Cybersecurity Assessment Tool? A new FDIC publication leads some experts to believe no new guidance is forthcoming. Here's why.
With the U.S. accelerating its adoption of the EMV chip, encryption and tokenization, life is going to get tougher for fraudsters, and card-not-present fraud will rise, says PCI Council Director Jeremy King. Regions with poor data security must beware.
Hong Kong toymaker VTech has revised its end-user license agreement to make clear that it can't be held legally responsible for any data breaches. Many security experts have reacted with fury. But is VTech's move unusual?
Even as the demand for security professionals grows, the outflow of practitioners from the profession is greater than the influx of fresh blood, says (ISC)Â² CEO David Shearer. How can this trend be effectively addressed?