OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Fwd: Banks scramble to fix growing Apple Pay fraud

FYI, I just saw this story on Apple Pay fraud and thought your TCs might be interested. (Although you're probably all well ahead of me so apologies if old news...) One of the analysts says that "bankers often complain that they don't get enough information from Apple Pay to support fraud processes." Maybe there is some opportunity to attack the problem using work you all are doing. 

---------- Forwarded message ----------
From: The Editors of SearchSecurity <SearchSecurity@lists.techtarget.com>
Date: Wed, Mar 4, 2015 at 10:33 AM
Subject: Banks scramble to fix growing Apple Pay fraud
To: "chet.ensign@oasis-open.org" <chet.ensign@oasis-open.org>

Security Digest
Information security news and advice from TechTarget's network | March 4, 2015
Amid Apple Pay fraud, banks scramble to fix Yellow Path process
by Michael Heller, Senior Reporter

Banks are rushing to fix sloppy authentication processes at the heart of rising Apple Pay fraud. Experts also worry about potential fraud with other mobile payment systems. (SearchFinancialSecurity.com)

Uber database breach source of stolen driver information

Following the theft of data affecting about 50,000 of its drivers, Uber says it has filed a subpoena to obtain GitHub data that may pinpoint the source of its data breach. (SearchSecurity.com)

HP: Threat intelligence sources need vetting, regression testing

According to HP Security Research, threat intelligence best practices can be difficult to implement, and even the most trustworthy sources must be tested for fidelity. (SearchSecurity.com)


Google security scanner bolsters secure cloud application development

Google's new cloud security scanner aims to make application vulnerability scanning easier for Google App Engine developers. (SearchCloudSecurity.com)

Google Project Zero changes fuel new vulnerability disclosures debate

Google's Project Zero has added more leeway to its vulnerability disclosure policy, but industry observers are split on whether 90 days is enough time to fix software flaws, or not enough time to manage a sensitive, resource-intensive process. (SearchSecurity.com)

How to use AWS to meet compliance standards' requirements

Looking to make compliance an easier task? Expert Steven Weil explains how to use AWS to help meet compliance standards' requirements. (SearchCloudSecurity.com)

Understanding FDA guidance on medical device cybersecurity
Medical device security is a growing concern. Expert Mike Villegas shares how to make sense of the new FDA cybersecurity guidelines for medical device manufacturers. (SearchSecurity.com)
Using a software-defined perimeter to create an air-gapped network
The Cloud Security Alliance's software-defined perimeter protocol can help enterprises achieve dynamic air-gapped networks. Expert Ed Moyle discusses how SDP works and the benefits it can provide. (SearchCloudSecurity.com)

How TLS 1.3 updates aim to ensure secure Internet communications

Following a slew of TLS vulnerabilities over the past year, the IETF is working on an updated version of the protocol. Security expert Michael Cobb discusses the changes and improvements. (SearchSecurity.com)

Information security and lawyers: Three ways to be besties

Legal teams play a key supporting role in successful information security programs. Expert Mike Chapple reviews three areas where infosec pros and lawyers should work together, and offers tips to foster effective collaboration. (SearchSecurity.com)

What are the benefits of Netflix's threat monitoring tools?
Netflix released its own threat monitoring tools: Scumblr, Sketchy and Workflowable. Expert Joseph Granneman looks at these tools and their benefits to enterprises.  (SearchSecurity.com)
About This E-Newsletter
This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for.

TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com

Copyright 2015 TechTarget. All rights reserved.


/chet   [§] 
Chet Ensign
Director of Standards Development and TC Administration 
OASIS: Advancing open standards for the information society

Primary: +1 973-996-2298
Mobile: +1 201-341-1393 

Check your work using the Support Request Submission Checklist at http://www.oasis-open.org/committees/download.php/47248/tc-admin-submission-checklist.html 

TC Administration information and support is available at http://www.oasis-open.org/resources/tcadmin

Follow OASIS on:
LinkedIn:    http://linkd.in/OASISopen
Twitter:        http://twitter.com/OASISopen
Facebook:  http://facebook.com/oasis.open

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]