In notifying customers of a breach, the online archiving service Evernote might have confused some customers by sending them an e-mail that contained a clickable link to be used to reset passwords - despite warning against using such links.
The Federal Reserve confirms it's been breached. What message does this attack send to banking institutions and their vendors about the heightened urgency to implement security best practices?
Karen Scarfone, who coauthored NIST's encryption guidance, sort of figured out why many organizations don't encrypt sensitive data when they should. The reason: they do not believe they are required to do so.
Because many merchant compromises result from badly installed or configured applications, payments acquirers, such as Chase Paymentech, are stepping up to help address point-of-sale security.
NASA is ramping up efforts to encrypt all laptops following the recent theft of one containing sensitive personal information. Find out more about the U.S. space agency's encryption plans.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
Windows 8 is coming and includes security upgrades. How should security and technology leaders approach Microsoft's updated operating system? Forrester analyst Chenxi Wang offers recommendations.
As mobile transactions grow, so do the fraud risks. How is the Merchant Risk Council working with card issuers and merchants to address these threats? Nicolas Vedrenne of the MRC offers insight.
Nearly five years after announcing a competition to develop a new cryptographic hash algorithm, the National Institute of Standards and Technology announces a winner that was designed by a team of European scientists.
Visa's new end-to-end encryption service aims to eliminate payment card data at the merchant level. Eduardo Perez of Visa's Risk Group discusses the security value of this emerging solution.
Citadel, one of the latest Zeus trojan variants, is a prime example of how hackers are pairing sophistication with practical conveniences. RSA's Etay Maor explains why that combination is so threatening.
LinkedIn's failure to comply with long standing industry standard encryption protocols jeopardized its users' PII, and diminished the value of the services, the class action federal lawsuit filed in northern California says.
Gartner's Peter Firstbrook, to illustrate the vulnerability of IT systems, cites research that pegs at about 400 days the average time a targeted virus remains undetected on a computer. And, he says, that doesn't speak highly of the current offerings from security vendors.
Four recent breach incidents, including one affecting LinkedIn, have put the spotlight on the effectiveness of hashing. Why is hashing increasingly ineffective at protecting online passwords?
Payments processor First Data warns about an uptick in trolling - hackers sniffing networks for easy access to merchants' point-of-sale systems. What can banks do to help merchants prevent breaches?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.
