Two zero-day vulnerabilities reportedly were exploited by the attackers who hacked NASDAQ's systems in 2010. While a senior U.S. legislator claims the hackers had "nation-state" backing, security experts say it's still not clear who hacked NASDAQ or why.
A security expert and average consumers respond differently to the eBay breach. As most customers retain a high degree of faith in online merchant security, the expert believes eBay committed a serious sin in its lack of strong authentication.
TotalBank, a subsidiary of Banco Popular that has 21 locations in South Florida, is notifying 72,500 customers that their account information was potentially exposed after an unauthorized third party gained access to the bank's computer network.
Enterprises should test the processes they establish to respond to advanced persistent threat attacks, just as they vet their business continuity plans, ISACA International President Robert Stroud says.
The National Institute of Standards and Technology should use the cryptographic community to help vet the advice it gets from the National Security Agency when creating cryptography guidance, a panel of prominent experts recommends.
Three Chinese nationals seeking to make "big bucks" broke into the computers of Boeing and other military contractors, stealing secrets on transport aircraft, a U.S. criminal complaint says. Read how they allegedly did it.
The Department of Homeland Security confirms that "a potential intrusion" of the Office of Personnel Management's network occurred in March but says officials have not identified any loss of personally identifiable information.
In this week's breach roundup, read about the latest incidents, including a clerical error at a medical center that resulted in letters containing personal information being sent to the wrong recipients.
Criminals have begun targeting ATMs in Western Europe using malware, as well as a new generation of stealthier skimmers designed to capture card data and PIN codes. But the stolen data is often used for fraud elsewhere, especially the U.S.
Attorneys for Target have requested a halt in the discovery process for class action lawsuits stemming from the retailer's December 2013 data breach until the court can consider its forthcoming motions to dismiss most of the suits.