Sally Beauty Supply says that a four-week investigation shows that the retailer suffered a six-week point-of-sale malware attack at U.S. stores, compromising card data for an unknown number of customers.
Wire fraud perpetrated via business email compromises has quickly become a top concern for banking institutions. Now one bank fraud executive predicts this type of fraud could exceed $1 billion this year.
BitSight Technologies conducted research on breached organizations and how they were impacted by botnets. The results are eye-opening, says CTO Stephen Boyer, offering insights from this study.
Five best practices noted in version 3.0 of the PCI Data Security Standard will become requirements after June 30, with remote access and third-party risks the key focus - particularly for smaller merchants.
What's wrong with the way we're practicing cybersecurity now? What are the biggest security gaps? BAE Systems Applied Intelligence's Jim Anderson shares his view.
Using personal information gained from third-party sources to circumvent authentication protections, hackers breached 100,000 accounts of taxpayers who had used the IRS's "Get Transcript" application, which has been temporarily shuttered.
Banking is no longer just about bricks-and-mortar. With institutions increasingly adopting Web and mobile banking, the threat landscape is changing. Cisco's Pravin Srinivasan shares insight for practitioners.
The U.S. Senate has delayed until May 31 a decision on whether to follow the House and approve a proposal to scrap the National Security Agency's bulk collection of Americans' telephone metadata.
MasterCard's breach settlement with Target has been derailed after not enough card issuers agreed to the terms. Now MasterCard is expected to attempt to renegotiate, while banks continue with a class-action lawsuit against the retailer.
Britain's computer emergency response team - CERT-UK - reports that malware remains the dominant mode of online attack for cybercriminals, and Zeus their most preferred tool of choice. But the team is promoting a free information-alert service to help.
A U.S. Department of Commerce proposal to restrict the export of so-called "intrusion software" to prevent foreign adversaries from acquiring zero-day exploits has raised concern in the developer community.
Will the upcoming departure of Benjamin M. Lawsky, superintendent of the New York State Department of Financial Services, slow down recently announced plans for new cybersecurity initiatives?
While the "Logjam" vulnerability raises serious concerns, there's no need to rush related patches into place, according to several information security experts. Learn the key issues, and how organizations must respond
"Millions" of devices from numerous router manufacturers appear to use a third-party software component called NetUSB, which can be exploited to bypass authentication checks and remotely take control of the devices, security researchers warn.
Numerous websites, mail servers and other services - including virtual private networks as well as "all modern browsers" - have a 20-year-old flaw that could be exploited by an attacker, computer scientists warn.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
