The PCI Security Standards Council will soon release an update to its PCI Data Security Standard, requiring the use of multifactor authentication for administrators who have access to card data networks. In an interview, the council's Troy Leach explains the new requirements and compliance expectations.
Who's right: Apple or the FBI? Our readers continue to debate a magistrate judge ordering Apple to help unlock an iPhone tied to a San Bernardino shooter, raising such issues as strong crypto, backdoors as well as legal and moral responsibilities.
Leading banking Trojans are expanding their targets, taking aim at industries outside banking to compromise financial accounts and other information, new research shows. And the botnets are proving difficult for law enforcement officials to take down.
By spring, banks and credit unions across the U.S. are expected to start rolling out "card-free" ATMs, offering transactions that experts say will eliminate fraud losses linked to skimming, and at the same time open new doors for mobile payments.
Kevin Haley, a researcher at Symantec, says the moneymakers behind Dridex are successfully infecting thousands of users worldwide on a monthly basis, purely through spam - making Dridex the most dangerous banking Trojan on the market today.
The United States and Israel hacked into Iran's military and civilian infrastructure as part of a secret program code-named "Nitro Zeus" that was designed to disable the country's critical infrastructure on demand, claims the new documentary film "Zero Days."
Multiple hospitals from Hollywood to Germany have been hit recently by ransomware attacks. It's a reminder that no organization is immune to outbreaks of malware that's designed to forcibly encrypt all data stored on PCs and servers.
The formation of a new U.K. taskforce that aims to curb financial fraud is getting mixed reviews from industry experts. Is this just a government PR move, or can the taskforce truly be effective? And could such a group have an impact in the U.S.?
Antonin Scalia's replacement could help push the Supreme Court to reinterpret the Constitution's Fourth Amendment to make it harder for the government to surveil citizens online and seize their records stored on servers maintained by cloud service providers.
Warning: Too many voice over IP devices being used in enterprise environments have well-known default passwords or no security at all, thus leaving organizations at risk from covert surveillance and toll-fraud scammers, experts say.
Hong Kong toymaker VTech has revised its end-user license agreement to make clear that it can't be held legally responsible for any data breaches. Many security experts have reacted with fury. But is VTech's move unusual?
Over a three-month period in 2015, a single cybercrime gang managed to earn at least $330,000 in bitcoins thanks to an estimated 670 victims paying attackers to decrypt ransomware-infected systems. Should police be doing more to stop these attacks?
Here's more evidence of how a data breach can have a major financial impact. The bill for U.K. telecom giant TalkTalk's October 2015 data breach could be as much as $94 million, and the incident resulted in the loss of 95,000 customers.
The banking malware known as Carbanak continues to evolve, and cybercriminals are now using it to wage APT-style attacks against banks as well as companies in other sectors, according to security researchers at Kaspersky Lab.
Have Russian authorities collared the cybercrime gang responsible for the notorious Dyre malware? Related attacks ceased after authorities raided a Moscow-based production company developing a movie called "Botnet," Reuters reports.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.