NIST updates ICS security guide

The National Institute of Standards and Technology (NIST) has issued the second revision to its Guide to Industrial Control Systems (ICS) Security. It includes new guidance on how to tailor traditional IT security controls to accommodate unique ICS performance, reliability and safety requirements, as well as updates to sections on threats and vulnerabilities, risk management, recommended practices, security architectures and security capabilities and tools.

 

The guide can be downloaded from here.

 

Read more here.

Visa launches new commercial standard for mobile payments

Visa said in the announcement that its new Digital Enablement Program builds on the company’s secure token technology and adds a turnkey, toll-free commercial framework accessible to more than 14,500 Visa financial institution clients and leading technology partners around the world. Google, with its Android Pay payment solution, is Visa’s first international program partner.

 

Read more here.

New Android NFC Attack Could Steal Money From Credit Cards Anytime Your Phone Is Near

In a presentation at Hat In The Box Security Conference in Amsterdam, security researchers Ricardo J. Rodriguez and Jose Vila presented a demo of a real world attack, to which all NFC capable Android phones are vulnerable. This attack, delivered through poisoned apps, exploits the NFC feature allowing unethical hackers to steal money from victims’ credit cards anytime the cards are near the victims’ phone.

 

Read more here.