Nearly two weeks since news of Shellshock broke, attacks that are taking advantage of the Bash vulnerabilities are grabbing headlines. But Michael Smith of Akamai warns that the battle against hackers capitalizing on Shellshock could go on for years.
The development of authentication technologies that could replace the password is "nearing a tipping point," but there's still several years of work to do, says Jeremy Grant, who oversees the National Strategy for Trusted Identities in Cyberspace.
As researchers scramble to learn more about Shellshock and the risks it poses to operating systems, servers and devices, Michael Smith of Akamai explains why not all patches are actually fixing the problem.
To mitigate the newly discovered Bash bug - AKA Shellshock - which may make millions of systems vulnerable to remote takeover, organizations must take several key steps, says security expert Alan Woodward.
What's the toughest challenge the U.S. faces when it comes to EMV? Randy Vanderhoof of the EMV Migration Forum points to getting POS software and terminals certified for EMV transactions. Find out what other hurdles he identifies.
Today's sophisticated fraud threats are daunting. But security adviser Neira Jones is more concerned about financial institutions' lack of preparedness to face these threats. A London Fraud Summit preview.
Helping merchants deal with the growing threat of POS malware is one of the biggest challenges facing Troy Leach, CTO of the PCI Security Standards Council, who says the BlackPOS malware threat, in particular, "is keeping me up at night."
What steps can organizations take to mitigate insider fraud threats? Michael Theis of Carnegie Mellon, a featured speaker at ISMG's upcoming Fraud Summits in Toronto and London, explains why using data analytics is key.
The EU is expected to approve in October an updated data protection law that spells out uniform breach notification requirements, security expert Jacky Wagner explains. The measure would apply to any business that targets Europeans.
Amidst a year of high-profile and costly data breaches, what can organizations be doing to help ensure they aren't the next victims? Charley Chell of CA Technologies discusses new authentication solutions.
Call center data and logs can help banks predict account-takeover attempts across multiple banking channels, says fraud expert Matt Anthony, a presenter at ISMG's upcoming Fraud Summits in Toronto and London.
The explosion in POS malware attacks against U.S. merchants highlights the need for retailers to take bolder security steps. Troy Leach of the PCI Council and Karl Sigler of Trustwave outline key steps.
In an in-depth interview, Adam Sedgewick, the point man for the NIST cybersecurity framework, addresses misconceptions about the guidance, the costs to implement it and its role as a marketplace catalyst.