A draft of revised guidance from NIST drops a cryptographic algorithm the NSA is said to have used to circumvent encryption that shields much of global commerce, banking systems, medical records and Internet communications.
Within one day of the disclosure of the flaw known as Heartbleed, an attacker posing as an authorized user broke into a corporate computer system, exploiting the vulnerability in the OpenSSL protocol, the breach detection firm Mandiant says.
The breach of e-commerce retailer LaCie is the latest indicator that more fraudsters are targeting online merchants because card-not-present transactions are particularly vulnerable.
As Congress dawdles over enactment of a national data breach notification law, several states are taking action to strengthen consumers' rights when breaches occur.
Arts and crafts retailer Michaels says an investigation has now confirmed a data breach involving sophisticated malware may have compromised account information for 3 million payment cards.
Leading this week's industry news roundup, Sophos announces an update of its network security gateway hardware, while McAfee releases a tool to help combat the Heartbleed bug.
The SEC is planning to conduct more than 50 examinations to assess cybersecurity preparedness in the securities industry. Experts assess what other sectors can learn from this effort.
The Royal Canadian Mounted Police have arrested and charged a 19-year-old London, Ontario, man for his alleged role in exploiting the Heartbleed vulnerability to steal data from the Canada Revenue Agency website.
Comptroller of the Currency Thomas Curry warns in an April 16 speech that third-party security risks are posing increasing vulnerabilities for community banks. Learn about the advice he offered.
Computer hardware retailer LaCie is notifying customers about a breach involving payment card data that went on for almost a year. A forensics investigation of the incident, which involved malware, is continuing.
The nation's largest financial institution, JPMorgan Chase, is taking an appropriate leadership role by describing how it's ramping up its security efforts, say analysts, who assess the bank's plans for three cybersecurity centers.
In the wake of recent high-profile retail breaches, the PCI Security Standards Council is supporting a move toward chip card technology that conforms to the Europay, MasterCard, Visa Standard, says General Manager Bob Russo.
The indictment of nine alleged participants in a fraud scheme that involved infecting thousands of business computers with Zeus malware to steal millions of dollars shows that the malware remains a formidable ongoing threat.
Tech companies continue to respond to the Heartbleed vulnerability by issuing alerts and patches to mitigate potential data compromises. Learn the latest advice from Trend Micro and ICSA Labs, plus updates from Rackspace, Akamai and Bitcoin.
CISOs in all sectors are taking steps to mitigate the risks posed by the OpenSSL vulnerability known as the Heartbleed bug. Learn how they're sizing up the situation and taking action.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.