Microsoft has issued an emergency fix for a vulnerability in Windows Kerberos that is being exploited via in-the-wild attacks. Attackers can leverage the flaw to gain all-access rights to anything inside an Active Directory Domain, experts warn.
Two Democratic members of Congress have sent letters to 16 financial institutions seeking information about any data breaches they've experienced and briefings from corporate IT security officers as Congress considers cybersecurity legislation.
Despite its massive data breach, Home Depot still reported a net earnings increase of 13.8 percent for the third quarter, compared to a year ago. The company describes its projected breach-related costs for the year.
While card issuers and payments acquirers are speeding up their EMV rollouts, Kate Larson of the Consumer Bankers Association says banks also should be implementing other technologies, including tokenization, in their efforts to fight fraud.
Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
From PCs to tablets to smartphones, customers enter institutions from all electronic angles. And these new banking habits put new strains on traditional IT infrastructure. How can banks ensure security?
Organizations in all business sectors should take a series of steps to guard against "visual hacking," a low-tech method used to capture sensitive, confidential and private information for unauthorized use.
Attackers are targeting online banking users' account information worldwide through sophisticated phishing attacks designed to deliver Microsoft Word documents containing malicious macro code known as Dridex.
Microsoft has issued a patch to correct a critical vulnerability in Schannel, which encrypts transactions on most Windows platforms. The bug is "concerning" for organizations running the service, some experts say, comparing it to the Heartbleed flaw.
Comptroller of the Currency Thomas Curry says "it's only fair" that merchants should be responsible for some of the expenses that result when their systems are breached. Now, security experts consider the implications of his comments.
FireEye is warning Apple users about a flaw in which downloaded malicious apps can replace genuine iOS apps, an exploit the security firm is dubbing the "Masque Attack." Experts offer insights on mitigating the threat.