Revision 3 of the National Institute of Standards and Technology's Interagency Report 7511 defines the requirements and associated test procedures necessary for products to achieve one or more Security Content Automation Protocol validations.
A strategic security analyst from Mandiant, the company that's examining recent hacks from the inside, explains why such cyber-assaults will likely intensify under the leadership of China's new president, Xi Jinping.
The compromise of hundreds of payment cards, apparently tied to fraud worldwide, has been linked to a network hack affecting an Arizona supermarket chain. And the attack involved a new kind of malware, the chain says.
Visa recently warned card issuers to be on the lookout for an upswing in ATM cash-out schemes. But what can be done to thwart this type of fraud? A Visa executive provides specific tips.
Containerization - it's the latest strategy for securing the critical data accessed by remote workers and mobile devices. How is the concept deployed? David Lingenfelter of Fiberlink offers insight.
"The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked," Twitter's Bob Lord says.
New PCI data security guidance for e-commerce advises merchants to step up compliance efforts in the online environment to ensure card data is protected across the payments chain.
Although suggestions in a new Federal Trade Commission staff report do not have the force of law, they do provide guidance on how the agency could enforce American federal laws and regulations to protect the privacy of users of smart phones and tablets.
Some organizations concerned about the security flaws of third-party applications are building in-house app stores to service mobile device users. Read how the VA and Sanofi US have tackled the challenge.
Although a hacktivist group says it has suspended distributed-denial-of-service attacks on U.S. banking institutions, banking and security leaders aren't convinced. "Banks should certainly remain on guard," says Gartner's Avivah Litan.
The key to effective breach response is to not take a one-size-fits-all approach, says attorney Ronald Raether, who outlines top strategies organizations should consider when dealing with an incident.
Throughout 2013, security professionals will continue to face evolving mobile security challenges, says Javelin's Al Pascual, who, in a new report, analyzes the changing mobile threat landscape for the year.
The hacktivist group Izz ad-Din al-Qassam Cyber Fighters announced Jan. 29 that it is suspending its second campaign of DDoS attacks against U.S. banks. Learn why the group is ending the campaign.
A Montreal computer science student accessed, without authorization, an IT system to check if a software vulnerability he discovered had been remedied. This case raises the question: When, if ever, is such unauthorized action justified?
Managing advanced persistent threats will be a priority throughout 2013, says RSA CISO Eddie Schwartz. How should organizations defend themselves against APTs and the year's other top security threats?