The document offers recommendations for testing methodology, case studies, and a quick-reference guide to assist in navigating testing requirements.
Read more here.
New security requirements for payment card vendors
The PCI Security Standards Council (PCI SSC) has published version 1.1. of its PCI Card Production Security Requirements. The updated standard helps payment card vendors secure the components and sensitive data involved in the production of payment cards, protecting against fraud via the compromise of card materials.
Read more here.
Hacker Who Stole Money From Bill Gates Arrested in Philippines
What if you get into the bank account of the World’s most richest person? Maybe it could be difficult for you as well as I. But not for this guy…
…Konstantin Simeonov Kavrakov, a Bulgarian hacker, who hacked into the ATM and stole thousands of dollars from the bank account of Microsoft mogul Bill Gates with fake ATM cards arrested in Philippines, according to the Philippine National Police.
Read more here.
Vulnerabilities Identified in NY Banking Vendors
To bolster security, banks in New York are planning to enact new regulations for any third party vendors they do business with.
The report “Update on Cyber Security in the Banking Sector: Third Party Service Providers,” released by the New York State Department of Financial Services (NYDFS) highlights key security risks associated with vendors in the banking sector.
Read more here.
User mistakes aid most cyber attacks, Verizon and Symantec studies show
Two deeply researched reports underscore the following: the vast majority of hacking attacks are successful because employees click on links in tainted emails, companies fail to apply available patches to known software flaws, or technicians do not configure systems properly.
Read more here.
Former lottery infosec head accused of hacking computers to buy winning ticket
The former head of information security at the Multi-State Lottery Association (MUSL), who was arrested in January 2015, stands accused of having tampered with the computer used for drawing winning lottery numbers and of having purchased the winning lottery ticket after, even though he, as an employee of the association, isn’t permitted to.
Read more here.
Google Malaysia service disrupted by hackers
Internet users were denied access to Google Inc’s Malaysia website on Tuesday, and were redirected to a hacked page saying "Google Malaysia Hacked by Tiger-Mate #Bangladeshi Hacker". The company has reached out to the organisation that manages the domain name to resolve the issue, MYNIC, a Google Malaysia spokesperson said in a statement to Reuters.
Read more here.
SamuraiWTF 3.x And Onwards – Web Testing Framework Linux LiveCD
The Samurai Web Testing Framework (AKA SamuraiWTF) is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites.
Read more here.
Watcher – Passive Web Application Vulnerability Scanner
Watcher is a passive web application vulnerability scanner.
Read more here.
Five Best Mobile Document Scanning Apps
Scanning receipts while you travel, notes on a whiteboard, or sketches on an envelope can be easy. The best apps for the job take a snapshot, can do text recognition, save your scan to the cloud for future reference on other devices, and more.
Here is lifehacker’s five best mobile document scanning apps.