What's Hot

Bank Info Security reports Bank of America now says the suspected breach of credit card data it reported earlier this month is likely linked to a third-party merchant – not a third-party service provider. BofA spokeswoman Betty Riess noted this was an isolated incident at a third-party merchant (like a store) that may have impacted a very small number of cards, not a security breach at Bank of America or one of its vendors. BofA linked suspicious activity to this unnamed merchant after data from internal fraud monitoring and information from affected card brands was connected.

Dark Reading reports a dangerous zero-day Flash attack recently revealed by Adobe is the dreaded and relatively rare universal cross-site scripting (XSS) threat. Adobe issued a patch for this along with other flaws in the application. The vulnerability was spotted being exploited in the wild in targeted, email-based attacks. Universal XSS attacks spread via browsers or plug-ins, so they can affect any website, regardless of whether it harbors inherent XSS flaws. Adobe’s patch for the flaw was issued late yesterday, one day after it had issued updates for Acrobat and Reader in its regularly scheduled patch release.

The Southern reports Carbondale, Illinois area banks are seeing an increase in fraudulent charges made on customers’ debit cards and officials are cautioning consumers to keep a watchful eye on their debit and credit cards, as well as the banking accounts tied to those cards. Bank officers said that in many cases the bank or credit card processing systems are able to catch unauthorized charges right away. When fraudulent activities are found, accounts are restricted or cards are inactivated, and a new debit card is issued to the account holder.

SC Magazine reports U.S. companies operating critical infrastructure will be forced to better defend their networks against cyber attacks, and to collect and share data crossing their network with federal authorities, if the bipartisan Cybersecurity Act of 2012 becomes law. The proposed bill is designed to streamline data security processes and improve the ability for companies to share information about data threats within their industries. But public interest organizations want to ensure the legislation limits the amount of personal data to which the government will gain access.

Security Management reports ADT Business Solutions has created a new technology that uses electromagnetic technology to both detect and prevent skimming devices on ATM machines. When installed on an ATM, the device can block skimming devices from being able to download payment card data and an alarm feature alerts the bank of the presence of a skimmer. Electromagnetic pulses disrupt the operation of a foreign card reader, rendering it useless, and preventing that device from capturing cardholder’s bank card data. Financial fraud rings often use skimmers, realistic looking card readers placed over factory card readers, at ATMs or gas stations, to steal payment card information. Because skimmers are virtually undetectable by users, in a few hours, criminals can steal data from hundreds of cards. The card data is written onto blank payment cards and then used to withdraw money or make purchases later. The average skimming attack nets $50,000 in losses, according to the Secret Service, which handles a large portion of skimming investigations.