The PCI Council has unveiled new guidance for mitigating payment card risks posed by third parties. Troy Leach, the council's CTO, explains how banking institutions and merchants can put the guidance to use.
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
A U.S. federal court judge has upheld a warrant requiring Microsoft to give the Justice Department copies of e-mails being stored at a data center in Dublin. But Microsoft plans to appeal the ruling on privacy grounds.
The 9/11 Commission, in its 10th anniversary report, cautions Americans and the U.S. government to treat cyberthreats more seriously than they did terrorist threats in the days and weeks before Sept. 11, 2001.
A controversial U.K. "emergency" surveillance bill has become law, just seven days after being introduced to Parliament. But a privacy rights group has already promised to challenge the new law in court.
A security expert and average consumers respond differently to the eBay breach. As most customers retain a high degree of faith in online merchant security, the expert believes eBay committed a serious sin in its lack of strong authentication.
Choice Escrow is seeking a bench review of a recent appellate court ruling, which favored its former bank in an ACH fraud dispute. The firm argues the court set a bad precedent for future disputes by limiting Uniform Commercial Code protections.
The National Institute of Standards and Technology should use the cryptographic community to help vet the advice it gets from the National Security Agency when creating cryptography guidance, a panel of prominent experts recommends.
Three Chinese nationals seeking to make "big bucks" broke into the computers of Boeing and other military contractors, stealing secrets on transport aircraft, a U.S. criminal complaint says. Read how they allegedly did it.