Today, the PCI Security Standards Council (PCI SSC) published version 1.1 of the PCI Secure Software Standard and its supporting program documentation. The PCI Secure Software Standard is one of two standards that are part of the PCI Software Security Framework (SSF). The PCI Secure Software requirements provide assurance that payment software is designed, engineered, developed and maintained in a manner that protects payment transactions and data, minimizes vulnerabilities, and defends itself from attacks.

A task force organized by the Institute for Security and Technology has urged the White House to tackle the rise in ransomware attacks and make it harder for cybercrimes to be committed. Law enforcement agencies, cybersecurity experts, and governments came together to make a series of recommendations to the Biden administration that aim to disrupt the illegal activities of threat actors.    A report submitted by the task force contained 48 recommendations, including advice to step up the regulation…

Accenture has entered into an agreement to acquire 12-year-old French cybersecurity services company Openminded.  The Irish multinational consulting and processing services company said that the acquisition would strengthen its security presence and capabilities in France and stimulate Accenture’s growth in Europe. Openminded is a provider of advisory, cyber-defense, cloud & infrastructure security, and managed security services. The company was founded in 2008 and now has over 100 internal staff working in four business units.  In 2020, Openminded’s turnover was…

Law enforcement have arrested a nanny based in Boston on suspicion of sharing child sexual abuse material (CSAM) over the messaging app Kik. An investigation was launched into 36-year-old Roxbury resident Stephanie Lak by the Boston Police Department Crimes Against Children Unit following the submission of a cyber-tip to the National Center for Missing and Exploited Children (NCMEC) on March 2.  Kik’s operator, MediaLab, notified NCMEC of an IP address that had been used to send at…

China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years. The Naikon APT group is a China-linked cyber espionage group that has been active at least since 2010 and that remained under the radar since 2015 while targeting entities in Asia-Pacific (APAC) region. Organizations targeted by the group were located in multiple countries around the South China Sea, including the Philippines, Malaysia, Indonesia, Singapore, and Thailand. The…