With hack attacks continuing against banks, SWIFT must follow in the footsteps of other vendors - notably Microsoft - and begin offering detailed, prescriptive security guidance to its users, says Doug Gourlay of Skyport Systems.
Many financial institutions struggle with implementing effective multifactor authentication solutions. They may lack confidence in new methods or grapple with the difficulty of integrating newer technologies with legacy investments. So, what technologies and processes need to be in place to ensure MFA's adoption...
Russian email service Mail.Ru says its users' credentials contained in data leaked to Hold Security are 99.982 percent invalid, leading it to slam the security firm for stoking "media hype." But Hold Security's CISO contends the leak contains valid email addresses that could be used for phishing and spam.
A security firm claims to have obtained from a young Russian hacker a data set that includes 272 million unique credentials for Hotmail, Gmail and Yahoo email addresses, among others. But there's no reason to panic, security experts say.
The section chief of the FBI's Cyber Division says "the FBI does not condone payment of ransom," in part because it enables criminals to victimize others. Instead, the bureau continues to urge all potential victims to get their IT house in order.
Five new payment card data security requirements for third-party service providers are among the most significant changes included in version 3.2 of the PCI Data Security Standard released April 28, says Troy Leach of the PCI Security Standards Council.
A soon-to-be-launched pilot project funded by the National Institute of Standards and Technology aims to provide a potential model for how online access to patient information can be streamlined while boosting security, NIST trusted identities expert Phil Lam explains in this audio interview.
Visa's new plan to help merchants speed checkout times for EMV chip payments sounds good, in theory. But in reality, it isn't likely to have much immediate impact on either speeding EMV adoption or enhancing the user experience.
What could be worse than a ransomware infection? How about getting infected by "torture ransomware" that uses a sadistic puppet to taunt you, slowly deleting your encrypted files while increasing the ransom demand until you pay?
Apple's QuickTime media player and web browser plug-in should be immediately expunged from all Windows systems, security experts warn, in a reminder of the dangers of using outdated software - especially web browser plug-ins.
Enacting legislation to compel tech companies to help law enforcement decrypt data on mobile devices would diminish America's standing as a moral leader in the world, a nation looked up to by billions of people, even with our many flaws.
Tools and techniques need to be identified to aid law enforcement in gathering evidence from devices, such as smartphones, while safeguarding the security and privacy of individuals. Can stakeholders find that middle ground?
Cambridge Savings Bank in Massachusetts is incorporating biometrics into its online and mobile banking platform as a way to limit, and in some cases remove, the need for username and password authentication. In this case study interview, two bank executives discuss what others can learn from the project.
The keys to the digital kingdom are too easy to steal through malware and social engineering. What can security leaders do to help raise their organizations' level of privileged access management? Ken Ammon of CA Technologies offers insights in this video interview.
Just back from a trip to Israel, where she spoke with leading security researchers about such topics as the Internet of Things, cyberterrorism and banking malware, Gartner analyst Avivah Litan says 2016 will be a turning point for adoption of biometrics in identity proofing. Learn why in this video interview.