The PCI Security Standards Council has issued an alert offering insights for mitigating the threat of "Backoff" POS malware, which has hit 1,000 U.S. businesses. Plus, the council is providing updated guidance for maintaining PCI-DSS compliance.
The PCI Council has unveiled new guidance for mitigating payment card risks posed by third parties. Troy Leach, the council's CTO, explains how banking institutions and merchants can put the guidance to use.
Federal authorities say the successful prosecution of a member of an international cybercrime ring proves progress is being made in shuttering ATM cash-out schemes. But some experts say processors and prepaid cards will continue to be targeted by attackers.
With the Senate Intelligence Committee overwhelmingly approving the Cybersecurity Information Security Management Act, common wisdom dictates the bill will head directly to the Senate floor. Not so fast.
A class action suit against breached restaurant chain P.F. Chang's China Bistro is unlikely to succeed, some security experts say, because proving consumer losses linked to specific merchant data breaches is difficult.
If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
P.F. Chang's confirmed card breach has renewed debate about the state of security at U.S. merchants. The PCI Council's Bob Russo says that while there has been progress in recent months, the retail industry still has a long way to go.
In the wake of recent high-profile retail breaches, the PCI Security Standards Council is supporting a move toward chip card technology that conforms to the Europay, MasterCard, Visa Standard, says General Manager Bob Russo.
In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it?
A class action lawsuit filed by two banks against Target in the wake of its 2013 breach has an unusual twist: It seeks damages from Target and Trustwave, allegedly the retailer's qualified security assessor. Experts offer an analysis.
Banking institutions should be evaluating zero-day vulnerability risks posed by Microsoft's dropping of support next month for Windows XP. But experts say their biggest concern should be how those vulnerabilities will affect customers and vendors.
In the second full day of RSA 2014, ISMG's editors record exclusive video interviews with Troy Leach of the PCI Council, Adam Sedgewick of NIST and Gartner's Avivah Litan. What insights do these thought-leaders share?
Organizations in all sectors can improve their compliance with the PCI Data Security Standard by taking five critical steps, says Rodolphe Simonetti of Verizon Enterprise Solutions, which just issued a new PCI compliance report.