A credit card breach at six Splash Car Wash locations in Connecticut involved malware that compromised the company's credit card systems. Two security experts offer analysis of the incident.
A Florida law that takes effect July 1 toughens the state's data breach notification statute by, in part, broadening the term "personal information" to include individuals' usernames and e-mail addresses under certain circumstances.
Using big data to fight fraud is a challenge for most organizations. Andreas Baumhof of ThreatMetrix explains how context-based authentication combines fraud and security to leverage the use of big data.
Despite recent high-profile breaches, organizations are not buying cyber-insurance policies at explosive rates. But Gartner's cyber-insurance expert Juergen Weiss says that might not be a bad thing.
Could too much regulatory oversight hinder cyberthreat information sharing, rather than encourage it? That's an increasing concern for bankers, who argue regulators could bog down progress in cybersecurity.
Tim Pawlenty, CEO of the Financial Services Roundtable, says the only way to ensure adequate cyberthreat information sharing is through federal legislation that would furnish liability protection and other incentives.
As Keith Alexander tells it, when he led the National Security Agency, he didn't exist. Alexander discovered that 'fact' after he retired on May 21 as director of the NSA and commander of the Cyber Command and began shopping to buy a new home.
Microsoft is offering a new platform that's designed to help cybersecurity analysts and researchers across various industries share security and threat information. Two experts assess the effort.
Advanced payments technologies, such as chip cards, tokenization and end-to-end encryption, are effective at stopping card fraud at retailers, but only if they're used as part of a comprehensive threat-mitigation plan, says First Data's Paul Kleinschnitz.
Organizations are careful when granting privileged access to critical systems. But they struggle to govern these privileged identities. Merritt Maxim of CA Technologies shares new strategies.
A bank's $350,000 settlement with a California oil company should serve as a reminder that reasonable security measures offered by banks are increasingly critical to the outcome of account takeover disputes.
A DDoS attack and subsequent data breach that led to the shuttering of source code hosting firm Code Spaces offers an eye-opening reminder to be aware of attacks used as a diversionary tactic to draw attention away from devastating hacking.
If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
Infrastructure security used to be more manageable. But it's far more complex in today's cloud environment. Carson Sweet of CloudPassage shares insight and strategies to improve cloud infrastructure security.
Several U.S. card issuers confirm that new alerts from Visa suggest the P.F. Chang's China Bistro breach could date back to September 2013, some two months before the attack that compromised Target.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.