WAKEFIELD, Mass., 15 April 2015 — Today, the PCI Security Standards Council (PCI SSC) published PCI Data Security Standard (PCI DSS) Version 3.1 and supporting guidance. The revision includes minor updates and clarifications, and addresses vulnerabilities within the Secure Sockets Layer (SSL) encryption protocol that can put payment data at risk. Available now on the…
Category: Of Note
There’s TOO MANY data-leaking healthcare firms, growls Symantec
Darren Pauli reports: Security software company Symantec is being drenched in calls from breached health organisations that have lost devices or suffered an information security snafu. Some 80 per cent of the calls its incident response team has received since December are from healthcare firms, topping the charts for the number of breach incidents for 2014 for…
Lawyer: Malware located on drive provided by police department in discovery
Bill Bowden reports: A lawyer representing three Fort Smith police officers in a whistleblower case said Monday that someone tried to hack into his computer by giving him an external hard drive contaminated with malicious software. Matthew Campbell of the Pinnacle Law Firm in North Little Rock has been representing three current and former Fort…
Washington attorney general’s data breach notification bill unanimously approved in Senate; heads to Governor’s desk
Washington Attorney General Bob Ferguson’s legislation strengthening the state’s data breach notification law passed the state Senate, 47 to 0. It passed the House of Representatives March 4, 97 to 0. The bill now heads to Governor Jay Inslee for his signature. The legislation strengthens Washington’s data breach notification law by: Eliminating the blanket exemption…
18-Year-Old Security Flaw Allows Hackers To Steal Credentials From All Versions Of Windows
Kate Vinton reports: In 1997, researcher Aaron Spangler discovered a bug in Internet Explorer that allowed an attacker to steal credentials using a protocol known as Windows Server Message Block (SMB). Eighteen years later, a researcher on the Cylance SPEAR research team testing a messaging app with that bug in mind discovered a much larger…
Debt Brokers Settle FTC Charges They Exposed Consumers’ Information Online
Two debt brokers have agreed to settle Federal Trade Commission charges that they exposed highly sensitive information about tens of thousands of consumers while trying to sell portfolios of consumer debt on a public website. The agreements with the FTC require the defendants to abide by strict new requirements to protect consumers’ sensitive information. In…