Attackers likely purchased malware in underground "cybercrime-as-a-service" markets to use in recent credit card breaches, including the Target Corp. attack, a new report from McAfee Labs asserts. Adam Wosotowsky explains the report's findings.
One key factor in efforts to reduce reliance on passwords for authentication will be international acceptance of the FIDO Alliance's soon-to-be released protocol for advanced authentication, says Michael Barrett, the alliance's president.
Recent data breaches, such as the ones suffered by Target Corp. and Neiman Marcus, may have been detected sooner if retailers had been sharing transactional pattern and behavioral information about their customers, says Mike Braatz of ACI Worldwide.
A retailer should help pay for card re-issuance and other expenses after a breach if the merchant is shown to have had inadequate security in place, says Viveca Ware of the Independent Community Bankers of America.
Healthcare organizations can now take advantage of a growing number of resources offering guidance on improving medical device security. Learn about the latest security assessment framework that's now being tested.
Congress heard testimony from cybersecurity experts this week about the steps that should be taken to minimize the risk of breaches of the payments system. Learn what Troy Leach of the PCI Council and others had to say.
In this week's breach roundup, read about the latest incidents, including a breach at the food company Smucker's that compromised payment information, and an incident involving suspicious activity on a North Dakota University server.
Distributed-denial-of-service attacks are a concern for all organizations. But financial institutions face unique challenges, and so they require a unique level of protection, says Mark Byers of Fortinet.