Data security

A new malicious spam campaign that has been targeting Internet users in the U.K. serves as an important example of how banking malware targets business as well as home users.

Hotels have elaborate systems to capture lodging fees and other purchases charged to rooms, but when customers book special events such as weddings or conferences, payment security can be more of a problem.

Nonlisted encryption solutions are designed for easier deployment, but often lack many of the key attributes of PCI-listed point-to-point encryption products, writes Ruston Miles, founder and chief strategy officer of Bluefin.

Turnover of chief risk officers is on the rise as CEOs look to add executives whose experience goes far beyond assessing credit risk. Sometimes they are promoting from within, but often they are poaching talent from rival banks.

Phone-based customer service opens opportunity for voice phishing, or "vishing," and other types of attacks linked to card not present transactions, according to Rafael Lourenco, an executive vice president at ClearSale.

The Illinois commercial bank gained a new role when it realized it shared the same digital transformation challenges as its customers.

Eight states want the credit bureau to show what it’s doing to improve data security; Goldman, Morgan Stanley and Wells Fargo will be the focus of this set.

In the past few years of fighting against cyberattacks, security teams have developed "kill chain" models that document what steps the bad guys take to infiltrate a network and how to thwart them. The problem is, a significant number of data breaches occur from insider threats, which these models often overlook.

Under a consent order with Texas and seven other states, the Atlanta-based credit reporting firm agreed to shore up its information security efforts, but it will not have to pay any financial penalties.

Ticket sales company Ticketmaster has warned customers in the U.K. that malicious code running on its website could have led to personal data and payment details being stolen. This kind of breach through third-party JavaScript code is quite common and may go undetected for months.