A closely held type of point-of-sale malware, DMSniff, is spreading further while another, GlitchPOS, has also emerged. Despite a surfeit of stolen payment card details on the black market, efforts to steal more continue, highlighting the continuing challenges around card security.
Forty-three states have reached a settlement with Neiman Marcus over its 2013 data breach, one of several breaches from that period blamed on in-memory malware. The retailer will pay $1.5 million and must use encryption and tokenization to protect card data.
As new payment options continue to emerge via mobile phones and internet of things devices, the PCI Security Standards Council is broadening its security efforts, starting with a new standard for contactless payments coming early next year, says Troy Leach, PCI SSC's chief technology officer.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
New PCI requirements that go into effect June 30 are pushing payment card acquirers, processors, gateways and service providers worldwide to implement more secure encryption protocols for transactions. But are they ready?
Security experts analyze the potential impact of recently announced changes to the PCI Security Standards Council's Qualified Integrators and Resellers Program that are designed to help smaller merchants prevent breaches.
A one-off approach to PCI DSS compliance often results in increased risk factors by creating discrepancies in security levels between environments within the shared network. Such an approach can be overcome by focusing on a central governance, risk, and compliance program designed to manage your organization's own...
The PCI Security Standards Council is creating a payments software framework, including two new standards that can evolve as the software rapidly changes, Troy Leach, the council's CTO, explains in this in-depth interview.
Verizon has made a strong case for continual PCI DSS awareness with its new study of payment card data security. But like many vendors that conduct their own studies supporting their business cases, Verizon makes suspect logical stretches.
Fraudulent social media brand pages are often used for phishing, malware, and other scams which negatively impact your customers and damage your brand reputation. How can organizations take action against these accounts?
Download this whitepaper and learn how to:
Identify fraudulent accounts;
Create an organized...
The FBI, Gartner, and many other security analysts cite social media as one of the fastest growing security threats. That is why it is important for security teams at organizations with a significant social media presence to gain an understanding of this new attack surface and develop a plan to protect the...
Little has been done to address the social media hacking problem despite continued headlines. Most organizations lack the protective countermeasures or the expertise to mitigate risk and respond to incidents. Few companies know how to re-gain control after an account compromise or how to prevent an attack in the first...