Fraud risks associated with Apple Pay have raised new worries about mobile payments, says Steve Kenneally of the American Bankers Association. During the ABA's Risk Management Forum April 15-17, experts compared three mobile solutions.
Islamic State sympathizers are exploiting a vulnerability in a WorldPress Content Management System plug-in to deface the websites of news outlets, businesses, religious groups and governments in the U.S. and abroad, the FBI says.
White Lodging Services Corp. has revealed a malware attack against point-of-sale systems at 10 of the hotels it manages, potentially exposing payment card data. The disclosure comes about a year after it confirmed a similar malware-related breach.
Some merchants want to postpone the EMV-related fraud liability shift, which major card brands have slated for October. But Randy Vanderhoof of the EMV Migration Forum sees "no reason to move the date."
New, advanced point-of-sale malware dubbed "Poseidon" can exfiltrate card data directly from every infected device. And security experts warn that too many retailers fail to test POS devices and segment networks to mitigate all malware threats.
The Target breach was the hot topic for many RSA 2014 attendees, but Gartner's Avivah Litan was already talking about the next Target - a UK retailer that may have suffered a similar hack, exposing payment card data.
Security experts advise banking institutions to take several steps, including enhancing authentication and ramping up commercial customer education, as a result of an increase in sophisticated online banking attacks involving a new variant of Dyre malware.
The Trojan "Laziok" targets energy firms throughout the Middle East, India, the U.S. and the U.K., warn security researchers at Symantec. The malware attempts to exploit a Microsoft Office bug patched in 2012.
Nine individuals have pleaded guilty to charges stemming from their roles in an identity fraud scheme. Among the defendants is a former military hospital worker who stole soldiers' personal information to file false federal tax returns, prosecutors say.
The U.S. Department of Justice has charged two former federal agents with money laundering and wire fraud based on allegations that they attempted to profit from the investigation into the underground narcotics marketplace known as "Silk Road."
Experts debate the value of new PCI guidance for how businesses should use penetration testing to identify network vulnerabilities that could be exploited for malicious activity. Does the new advice go far enough?