Links in “Cybersecurity/Data Breaches”
- Could a Photograph of a Finger Allow Hackers to Exploit Fingerprint Biometrics?
Group uses public photo of a German government official and a computer program to reproduce the official's fingerprint to overcome security measures. The group hopes to highlight the potential exploits in newer technology. Perhaps biometrics alone will not be enough. Perhaps rumors of the impending death of the password have been exaggerated. [12/29/14]
- Hackers Seek to Exploit Latest Air Tragedy
This weekend's disappearance of an Indonesia AirAsia flight gives cyber criminals an opportunity to lure users to websites purporting to offer the latest news in order to steal their personal information. Insensitive headlines, such as âMissing AirAsia flight QZ850 has been found and that all its passengers are safe and alive,â is designed to bait users to click on the link, which redirects users to the malicious websites. [12/29/14]
- PCI Council Issues New PIN Security Requirements
The Payment Card Industry (PCI) Security Standards Council has released v2.0 of its PIN Security Requirements. This program identifies the standards for secure management, processing, and transmission of PIN data at ATMs and POS terminals and also includes testing protocols. [12/23/14]
- You’ll Be Breached. Here’s What to Do When It Happens
If recent headlines have taught us anything, it is that it's not a question of whether your institution will be breached, but when. Here are five steps to implement before the inevitable occurs. [12/23/14]
- It’s the Little Things: Simple Security Slip Results in JPM Breach
Though JPMorgan spends an estimated $250 million per year on cyber security, the weak spot that resulted in a breach of customer data appears to have been a very basic one involving a network server that had not been upgraded to require two-factor authentication. [12/23/14]
- Staples Confirms Data Breach Affected 1.16 Million Cards
Staples has confirmed that its massive data breach affected 1.16 million cards at 115 of its stores nationwide between July and September. They further confirmed that the cyber criminals were able to steal payment card names, card numbers, expiration dates, and card verification numbers. [12/22/14]
- NCUA’s Mea Culpa: An Isolated Incident
NCUA has issued a statement taking responsibility for the data breach at a California credit union that was the result of an examiner losing a thumb drive provided by the credit union that contained sensitive member information. NCUA stated that this was an unfortunate, but isolated incident that involved a violation of internal security procedures and has pledged to reinforce their staff training on security. [12/18/14]
- International Cyber Warfare
A new set of attacks are allegedly coming in from Iran. They follow attacks by hackers with alleged ties to the U.S. and Israel that seriously harmed Iran's nuclear program. [12/18/14]
- OCC to NY on Cyber Security Exams: We’re Already There
Last week, New York's top regulator called for a laser-like focus on cyber security exams from both banks and regulators. This week, the OCC responds that cybersecurity continues to be a key issue. [12/18/14]
- Wake-up Call: Sony’s Data Breach Nightmare
Sony Pictures is reeling in the fallout of its embarrassing data breach, not just because it was breached, but because of the content that is being released. While the business dealings of a movie studio is bound to be of greater interest than the inner workings of most other businesses, the company's recent experience has CEOs of many other industries taking stock of their data security plans and what they would do if they experienced a similar breach. [12/18/14]
