Month: December 2015

Payment Card Protocols Wide Open to Fraud
Authentication

Payment Card Protocols Wide Open to Fraud

Researchers have discovered serious security vulnerabilities in a pair of protocols used by software in some point-of-sale terminals, bugs that could lead to easy theft of money from customers or retailers. The vulnerabilities lie in two separate protocols that are used in PoS systems, mainly in Germany, but also in some other […]

On the Wire Podcast: Wendy Nather
Podcast

On the Wire Podcast: Wendy Nather

In this episode, the guest is Wendy Nather, research director at the Retail Cyber Intelligence Sharing Center (R-CISC). Dennis and Wendy discuss the challenges of fighting fraud, the biggest security threats facing retailers right now, and the effectiveness of information sharing. Music by Chris Gonsalves and Ken Montigny.

The $1.5 Million Phone Call
Phone Fraud, Vishing

The $1.5 Million Phone Call

Law enforcement agencies, politicians, and security experts often cite cybercrime as perhaps the largest threat to consumers and businesses right now. Finding an accurate estimate of the annual losses from cybercrime is more difficult than finding an honest politician, but certainly it’s in the hundreds of millions of dollars. Indeed, […]

Banks Get Two-Year Grace Period on Moving to TLS 1.1
Privacy

Banks Get Two-Year Grace Period on Moving to TLS 1.1

The group that sets security standards for the payment card industry has decided to delay a requirement that will force payment processors to upgrade to a stronger version of TLS, the standard Web transport encryption protocol. Back in April, the PCI Security Standards Council released a new version of the […]

FTC Hits LifeLock With $100M Penalty
Identity

FTC Hits LifeLock With $100M Penalty

The Federal Trade Commission many times will allow first-time offending companies to get off relatively easily when they run afoul of consumer-protection laws, often settling with non-financial penalties. But that generosity does not extend to companies that later violate those settlements. LifeLock executives found that out the hard way on Thursday when […]

On the Wire Podcast: Jessy Irwin
Authentication, Podcast

On the Wire Podcast: Jessy Irwin

In the premiere episode of the On the Wire podcast, Dennis Fisher talks with Jessy Irwin of 1Password about the state of authentication on the Internet, why it’s so difficult to use passwords securely, whether passwords will ever go away completely, and the difficulty of educating users about security. Podcast […]