Five new payment card data security requirements for third-party service providers are among the most significant changes included in version 3.2 of the PCI Data Security Standard released April 28, says Troy Leach of the PCI Security Standards Council.
Despite the arrest and conviction of scores of cyber criminals - including members of the Blackhole exploit kit, SpyEye and GameOver Zeus crews - malware and ransomware threats continue to grow.
A new U.S. Government Accountability Office report outlines weaknesses in vehicles' electronic systems that could be exploited to endanger occupants and offers ways to mitigate the risks.
The most important lesson from the lawsuit electronic health records vendor Epic Systems filed against Tata Consultancy Services is that data security controls must extend beyond protecting personally identifiable information to include intellectual property, attorney Ron Raether explains in this audio report.
Qatar National Bank has suffered a massive breach involving 1.4 GB of sensitive internal files being dumped online by unknown attackers. Experts say customers' records, access credentials and payment card data have been exposed.
A soon-to-be-launched pilot project funded by the National Institute of Standards and Technology aims to provide a potential model for how online access to patient information can be streamlined while boosting security, NIST trusted identities expert Phil Lam explains in this audio interview.
The U.S. government is actively disrupting - rather than just monitoring - computer systems, networks and communications technologies used by the jihadi fighters known as ISIS, ISIL or Daesh, according to a news report.
The online heist of $81 million from Bangladesh Bank involved custom malware that hacked the database used by the bank's SWIFT software, allowing attackers to transfer money and hide their tracks, according to BAE Systems Applied Intelligence. SWIFT will issue software updates and security guidance to all customers.
Like last year's breach of the online dating site Ashley Madison - tagline: "Life is Short. Have an Affair." - this year's release of the "Panama Papers" is holding individuals accountable for actions which, if not always illegal, in many cases appear to have at least been unethical.
Prosecutors have expanded a complex case, involving an alleged pump-and-dump stock scheme, hacking into U.S. banks and operating an unlicensed bitcoin exchange, to include money-laundering charges related to processing bitcoin ransoms paid by ransomware victims.
Visa's new plan to help merchants speed checkout times for EMV chip payments sounds good, in theory. But in reality, it isn't likely to have much immediate impact on either speeding EMV adoption or enhancing the user experience.
Two of the hacker masterminds behind the notorious SpyEye malware have each received lengthy prison sentences after pleading guilty to related charges in U.S. federal court. But alleged Zeus creator and accomplice Evginy Bogachev remains at large.
Epic Systems' successful lawsuit against India's Tata Consultancy Services raises many security questions. For example, why did Epic find out about the allegedly inappropriate downloading of trade secrets from an external whistleblower, rather than as a result of internal detection efforts?
A North Carolina orthopedic clinic will pay a $750,000 penalty as part of a breach-related federal settlement involving the release of 17,300 X-ray films containing patient information to a vendor without having a business associate agreement in place, as required under HIPAA.
"Internet of Things" developers must think about how attackers might attempt to exploit a device, and why, and then write code designed to block such attacks, says Charles Henderson, IBM's global head of security testing and threats.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.