Financial institutions are starting to report fraud tied to the massive Home Depot payment card data breach. One card issuer calls the fraud ramp up "much greater than what we saw from Target, Michaels and Neiman Marcus."
Home Depot says an estimated 56 million payment cards were exposed in a data breach at its U.S. and Canadian stores. The retailer says an investigation revealed the breach involved custom-built malware not used in other cyber-attacks.
A cross-site scripting vulnerability at eBay.co.uk left an undetermined number of users susceptible to an attack that attempted to steal their credentials when they clicked on links within a listing offering a used iPhone for sale.
Recalling an up to 10-day delay in Homeland Security helping other agencies cope with the Heartbleed vulnerability, DHS's Phyllis Schneck champions FISMA reform legislation that would codify the department's role as guardian of civilian agency IT.
When IBM unveiled BIOS - Basic Input/Output System - in 1981 with the introduction of its personal computer, few perceived it as a security threat. But now, NIST has issued a new guide to mitigate BIOS vulnerabilities in servers.
Experts review new allegations that have emerged about information security practices at Home Depot in the wake of the retailer confirming that it suffered a data breach resulting in the theft of an unknown quantity of credit and debit cards details.
What's the toughest challenge the U.S. faces when it comes to EMV? Randy Vanderhoof of the EMV Migration Forum points to getting POS software and terminals certified for EMV transactions. Find out what other hurdles he identifies.
While the new Apple Pay system is slated to debut next month in the United States, payment card brands say the system eventually will expand to some of the other 66 countries that already accept contactless payments.
Helping merchants deal with the growing threat of POS malware is one of the biggest challenges facing Troy Leach, CTO of the PCI Security Standards Council, who says the BlackPOS malware threat, in particular, "is keeping me up at night."
Google says just 2 percent of the recent dump of nearly 5 million credentials to Russian cybercrime forums contained valid Gmail username and password combinations. But anyone who reused the same passwords on other sites remains at risk from hackers.
The PCI Security Standards Council has released an update to its guidance for merchants on protecting against card skimming attacks in POS environments that spells out best practices for addressing the latest attack scenarios.