British police have arrested a third suspect in connection with the hack attack against telecommunications provider TalkTalk. Separately, Vodafone UK also issued an alert of a breach, which it traced to reused passwords.
Even though the U.S. is migrating to the EMV chip, Visa is still stressing the need for merchants to comply with the PCI Data Security Standard, says Eduardo Perez, the card brand's senior vice president of payment risk, in this video interview.
LifeLock says it has reached a tentative agreement on a settlement with the FTC regarding alleged information security shortcomings and other issues. It says it's also reached agreement on a proposed settlement of a related consumer class action lawsuit. The stock market reacted favorably to the announcements.
Too many companies lack an understanding of the business ramifications of cyber threats, says Juanita Koilpillai, president of the Digital Risk Management Institute. In a video interview, she describes why business owners and insurance companies must work together to develop modern cyber risk management programs.
British police have arrested a 15-year-old boy in connection with the suspected hack of TalkTalk. Security experts say that if a teenager was responsible, it's going to be difficult for the communications firm to prove that it takes customers' data security seriously.
Cyberattacks are challenging our current methods of defense, says Lance James, a global cyber intelligence adviser at the consultancy Unit 221b. In a video interview, he discusses the changes in tools and skills that must be made to fend off fast-moving adversaries.
A third data breach affecting TalkTalk has prompted sharp questions from U.K. public officials about whether stronger breach notification laws and breach-related penalties might help prevent more such incidents from occurring.
Despite the focus on external cyberattacks, insider attacks are almost as common and can potentially cause significantly more damage, says Michael Theis of Carnegie Mellon's CERT Insider Threat Center. In a video interview, he describes how science-based models can help organizations fight the battle from within.
HP has agreed to sell its intrusion detection and prevention software unit TippingPoint to security vendor Trend Micro for $300 million. But analysts say Trend Micro faces stiff breach detection and incident response competition.
European criminals combined cannibalized EMV chips from stolen cards with miniature microprocessors to build fake payment cards that defeated POS security checks, enabling them to steal as much as $680,000, French researchers say.
Attributing cybercrime to specific criminals is becoming increasingly critical, says Eward Driehuis of threat intelligence firm Fox-IT. Using the elusive Dridex campaign as an example, Driehuis explains in this video interview how many malware attacks are interconnected.
Apple has removed hundreds of apps from its App Store for violating its user-tracking guidelines. Chinese mobile advertising firm Youmi has issued "sincere apologies" for the tracking behavior and promised to compensate affected developers.