Security expert Alan Woodward is warning that enterprises should ditch RC4 after researchers demonstrated practical attacks that demolish the crypto that's widely used in enterprise WiFi devices and for TLS.
The PCI Security Standards Council has just released version 2 of its point-to-point encryption standard. Jeremy King of the PCI SSC explains how this optional standard can complement PCI-DSS compliance.
Warning to LastPass users: Change your master password and ensure you're using multi-factor authentication. There has been a data breach that might allow attackers to crack passwords and reminders.
Encrypted browsing - using HTTPS - helps secure online communications, and Apple says developers must now employ the protocol by default. Likewise, the White House says that by 2017, all federal websites must adopt HTTPS-only policies.
The lead cybersecurity official for Britain's GCHQ intelligence agency dismisses charges that the U.K. conducts mass surveillance. But critics question the government's introduction of the Investigatory Powers Bill.
While the "Logjam" vulnerability raises serious concerns, there's no need to rush related patches into place, according to several information security experts. Learn the key issues, and how organizations must respond
The Department of Homeland Security will establish a Silicon Valley satellite office to improve relations with IT security vendors and recruit cybersecurity talent, Homeland Security Secretary Jeh Johnson said in a keynote address at RSA Conference 2015.
The PCI Security Standards Council has published a new version of its data security standard that calls for ending the use of the outdated Secure Sockets Layer encryption protocol that can put payment data at risk.
All Windows operating systems are at risk from the SSL/TLS vulnerability known as Freak, Microsoft warns. The company has outlined temporary workarounds - except for Windows Server 2003. Experts say no in-the-wild attacks have yet been seen.
Many Apple and Android devices are vulnerable to a TLS/SSL "Freak" flaw, which could be exploited to subvert secure Web connections. The flaw is a legacy of U.S. government export restrictions on strong crypto.
Chinese authorities reportedly want foreign software and hardware vendors that sell to its banking sector to share source code and encryption keys. Western technology firms have reacted with alarm.
Data breaches are inevitable, hence it's up to executives to ensure their enterprise is secured, without trying to encrypt everything, warns Prakash Panjwani, president and chief executive officer of SafeNet.
The Federal Reserve on Jan. 26 revealed its roadmap for an overhaul of the U.S. payments system, which includes plans for faster settlement and a focus on improving payments security to reduce fraud.
President Obama says he sees the need for law enforcement to gain access to terrorists' encrypted data, but stops short of calling for a law to require manufacturers to provide a so-called "backdoor" to break encryption on mobile devices.
British Prime Minister David Cameron reportedly plans to lobby U.S. President Barack Obama to criticize technology companies that offer encrypted communications that cannot be cracked by law enforcement or intelligence agencies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.