PCI DSS version 3.1 will be retired on October 31, 2016, with version 3.2 being the only valid version beginning the 1st of November. From that date, any new validation of PCI compliance will have to be against version 3.2. The new requirements will, however, be considered 'best practices' until Feb. 1, 2018 when they will be mandatory.
read more
Dutchman ‘Who Almost Broke the Internet’ to Go on Trial
A Dutchman accused of launching an unprecedented cyberattack that reportedly "almost broke the internet" is to go on trial Tuesday on charges of masterminding the 2013 incident that slowed down web traffic world-wide.
read more
“Shadow Brokers” Leaks Servers Allegedly Hacked by NSA
The group calling itself Shadow Brokers has leaked more files, including a list of servers allegedly used by the NSA-linked Equation Group in its attacks.
read more
U.S. Should Strike Back at Cyberattackers: Report
The US government and private sector should strike back against hackers to counter cyberattacks aimed at stealing data and disrupting important computer networks, a policy report said Monday.
read more
How Cloud App Visibility Helps Wrangle Shadow IT
What Does an Organization Need to do to Get Shadow IT Under Control?
read more
Nymaim Starts Using PowerShell to Download Payload
A recently discovered variant of the Nymaim dropper brings several new features and capabilities, including new obfuscation and delivery methods, the use of PowerShell, and what researchers call an interesting anti-analysis and anti-detection mechanism.
read more
Researchers Claim Wickr Patched Flaws but Didn’t Pay Rewards
Vulnerability Lab security researchers claim that Wickr Inc., the company behind encrypted messaging service Wickr, hasn’t paid promised bounties for multiple vulnerabilities disclosed years ago, although the company did patch all of them.
read more
Managing Risks of “Potentially Unwanted” Programs in the Enterprise
Potentially Unwanted Programs Put Enterprise Data at Risk. How do You Tell Good Apps from Bad Apps?
read more
The Battle With “Potentially Unwanted” Programs in the Enterprise
Potentially Unwanted Programs Put Enterprise Data at Risk. How do You Tell Good Apps from Bad Apps?
read more
China-Linked Cyberspies Lure Victims With Security Conference Invites
A China-linked cyber espionage group known as Lotus Blossom, Elise and Esile has used fake invitations to Palo Alto Networks’ upcoming Cybersecurity Summit to trick users into installing a piece of malware on their systems.
read more
