Application security is not keeping pace with evolving attacks, says Prasenjit Saha, a CEO at the consultancy Happiest Minds Technologies. One problem: lack of a standard, secure coding process in the application development life cycle.
The FFIEC warns U.S. financial institutions that they're at increased risk from attacks that are designed to harvest large amounts of credentials, as well as from destructive "wiper" malware attacks.
Premera Blue Cross already is facing five class action lawsuits in the wake of its massive data breach. Meanwhile, its CEO has provided some answers to questions posed by a U.S. senator regarding the hacker attack.
Chinese officials have reportedly agreed to delay some banking-sector requirements aimed at foreign technology vendors, who were instructed to submit to rigorous audits and to add government-approved backdoors to their products.
Experts debate the value of new PCI guidance for how businesses should use penetration testing to identify network vulnerabilities that could be exploited for malicious activity. Does the new advice go far enough?
DDoS attackers have been targeting the popular code-sharing website GitHub. Security experts say the massive attacks appear to have originated from China and been designed to disrupt access to GitHub-hosted anti-censorship tools.
Slack Technologies, a tech start-up that offers a group chat tool, announces it's rolling out two-factor authentication after hackers breached a database of user profile information.
The House Intelligence Committee has approved cyberthreat information sharing legislation that its leaders developed. Meanwhile, a national data breach notification bill has been introduced that's modeled on language proposed by the White House.
Upticks in fraud perpetrated through mobile banking and mobile payments are a growing concern for regulators, says David Lott of the Federal Reserve Bank of Atlanta, who explains ongoing security initiatives.
To help take down global "carding" rings, the U.S. Justice Department wants to expand current law so it can prosecute those who commit fraud anywhere in the world that involves U.S. payment card data.
While the Indian finance ministry has announced incentives for banks to curb cash transactions and encourage the use of payment cards, security experts caution CISOs about authentication and fraud risk.
Nine compelling threats will make securing IT more challenging than ever over the next two years, says Steve Durbin, managing director of the Information Security Forum.
Efforts by some Democratic members of a House subcommittee to amend a national data breach notification bill so that states could retain tougher data security requirements have failed. The measure now advances to a full committee.
Three state insurance commissioners are launching a joint investigation into the cyber-attack against Premera Blue Cross, which exposed personal data of 11 million individuals nationwide. Find out what will be examined.
Add the Protecting Cyber Networks Act to the growing list of cyberthreat information sharing legislation pending before Congress. Lawmakers are now considering four measures, all designed to help thwart data breaches.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.