Preventing Retail Data Breaches: Defining Best Practices

The National Retail Federation recently presented Congress with a set of solutions aimed at better protecting consumers and helping businesses prevent data breaches. “We should not be satisfied with simply determining what to do after a data breach occurs,” NRF senior vice president for Government Relations David French said in a statement. “Instead, it is […]

Need to Know Now News Roundup: PoS Breaches, Destructive Malware, and Patch Tuesday

POS Breach Bigger Than Reported? Point-of-sale (POS) maker Harbortouch last week disclosed a breach involving “a small number” of its restaurant and bar customers, who were impacted by malicious software that allowed thieves to siphon customer card data from affected merchants. KrebsOnSecurity is reporting that a major U.S. card issuer has said that the company […]

Healthcare Records Theft On The RIse

Insider negligence is no longer the number one cause of data breaches in the healthcare industry – cybertheft and physical theft have now claimed the dubious honor. The Ponemon Institute’s new Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data, shows that healthcare information has become a prime target for malicious hackers, with […]

Insights From Verizon’s Data Breach Investigations Report

In early spring, while many people are anticipating the return of warm weather and blue skies, the information security industry is looking forward to the release of Verizon’s annual Data Breach Investigations Report (DBIR). Published since 2008, DBIR is a data security reference guide, playbook and bible. Global in scope, the report analyzes thousands of […]

Key Takeaways from Interop

Security was on everyone’s mind at this year’s Interop Las Vegas conference, with workshops ranging from insider threats to social engineering, supply chains and managing targeted attacks. One key point that emerged from all of the discussion was that businesses and governments need to understand the motivations of cyber attackers. Dmitri Alperovitch led the INTEROP […]

Retail PoS Systems, Ancient Passwords – What You Need To Know Now

You’ve probably seen coverage of the big RSA reveal regarding the fact that point of sale devices from a specific vendor have used the same pre-set administrator password for the last quarter of a century. Security researchers Charles Henderson and David Byrne, at their RSA presentation, were the ones who shared this discovery. More troubling, […]

Key Takeaways from RSA 2015

RSA 2015 drew more than 28,000 security-minded people to its latest week-long conference in San Francisco. The key takeaways from the discussions, workshops, and keynotes were highlighted by the tech, business, and mainstream press. The Associated Press coverage pointed out that attending RSA is a particularly sobering experience for those not involved in the security […]

Retail Digital Security Best Practices

The National Retail Federation recently presented Congress with a set of solutions aimed at better protecting consumers and helping businesses prevent data breaches. “We should not be satisfied with simply determining what to do after a data breach occurs,” NRF senior vice president for Government Relations David French said in a statement. “Instead, it is […]

New Retail PoS Malware Discovered

A new malware family targeting point-of-sale (PoS) systems, is infecting machines in order to scrape [payment card iinformation from memory. The malware, dubbed PoSeidon, was initially spotted by researchers from Cisco’s Security Solutions (CSS) team. PoSeidon, like most point-of-sale Trojans, scans the RAM of infected terminals for unencrypted strings that match credit card information. End-to-end […]

CryptoWall Is Back – Beware Infected “Help” Files

A new wave of ransomware attacks are using .chm attachments to execute malware that encrypts files on infected machines. The files remain locked until a ransom is paid in bitcoin currency. And all it takes is one careless employee’s click to infect a network. .chm is the file extension used by the Compiled HTML file […]