British regulators have fined Dixons Carphone $653,000 for a breach that exposed millions of payment card details and personal data due to point-of-sale malware. The retailer's lack of security contributed to a "careless loss of data," the Information Commissioner's Office says.
Researchers are attempting to develop new forms of cryptography that could not be cracked by powerful quantum computing devices that are in the works. Divesh Aggarwal, principal investigator at Singapore's Center for Quantum Technologies, describes the efforts.
The FBI has sent a letter to Apple asking for help in accessing encrypted data from two iPhones belonging to a deceased shooter. The bureau's move may be a prelude to another legal fight between the FBI and Apple over strong encryption.
Adopting the policies in NIST 800-171 brings multiple security-related benefits, including best practices for data access policies, reduced risk of data breaches and insider threats, and a scalable approach to protecting sensitive data.
Protecting enterprise networks from attackers boils down to the same thing: Unless organizations get the basics right, they're sitting ducks. That's a top takeaway from experts warning that Iran will likely retaliate with cyberattacks after one of its senior military leaders was killed by a U.S. drone strike.
Following the U.S. killing of Iran's Maj. Gen. Qasem Soleimani last week, security experts have warned of possible retaliatory cyber strikes. Tom Kellermann of VMware believes those attacks are imminent. "The period of mourning is over, and I think the holy war in American cyberspace is yet to begin."
The latest edition of the ISMG Security Report discusses countering the threat of nation-state cyberattacks in 2020. Also featured: an update on France's experiment with facial recognition technology and sorting out what "zero trust" really means.
Microsoft has taken control of 50 domains that the company says were used by a hacking group with ties to North Korea. The attackers used these sites to launch spear-phishing attacks against specific victims and spread malware.
A persistent question over the past several years is which managed service providers were affected by APT10, a tenacious Chinese hacking group. But a Wall Street Journal investigation on Monday has revealed new companies affected by Cloud Hopper attacks.
Human error looks to be the obvious culprit in an accidental data breach by Britain's Cabinet Office, which published the home addresses of celebrities such as Elton John and Olivia Newton-John when it released a list of individuals set to be recognized for their contributions to British society.
While Congress is unlikely to pass major new national cybersecurity legislation in an election year, federal regulators and state attorneys general will be busy addressing evolving health data privacy and security issues in 2020, predicts attorney Marcus Christian of the law firm Mayer Brown.
"Zero Trust" security is rapidly transitioning from a marketing buzzword to a practical methodology for protecting today's global networks. Stan Lowe, global CISO of Zscaler, shares his 2020 vision for zero trust.
The cybersecurity outlook for 2020 and the new decade will be characterized by more advanced, targeted and coordinated attack vectors designed to exploit the cybersecurity skills shortage, along with congenitally poor security fundamentals and hygiene.