Amazon’s Whole Foods Investigating Payment Card Breach

Whole Foods Market, the supermarket chain acquired recently by Amazon for $13.7 billion, informed customers this week that it has launched an investigation after learning that some of its point-of-sale (PoS) systems may have been hacked. The company has provided only few details as the investigation is ongoing. However, it said the incident appears to…

Is your Mac software secure but firmware vulnerable?

Mac users who have updated to the latest OS version or have downloaded and implemented the most recent security update may not be as secure as they originally thought, Duo Security researchers have found. That’s because many of them did not receive the newest firmware along with OS and software updates.

How Apple’s Face ID works, learns, and protects

Apple has unveiled a new version of its privacy page and a paper throwing more light on how Face ID, its newest biometric authentication option, works on iPhone X (“Ten”). The former places even more importance on security and privacy features and policies, something that Apple is becoming even more vocal about than before. It’s abundantly clear that Apple…

Six Key Traits of an Effective Cyber Risk Advisor

What makes a good cyber risk advisor? What skills do they need to help board directors address cybersecurity? According to a report by BayDynamics, board directors “may not be experts in security, but they do know how to steer a business away from risk and toward profit by listening to subject matter experts. However, they expect…

Researchers Use Heart Rhythms for Continuous Authentication

Researchers from the University at Buffalo SUNY, and the Department of Electrical and Computer Engineering at Texas Tech University have proposed a novel new continuous user authentication method using cardiac motion (a heart-based function determined by users’ unique heart geometry). Their paper, ‘Cardiac Scan: A Non-Contact and Continuous Heart-Based User Authentication System’ (PDF), will be…

How to Live by the Code of Good Bots

Although my company fights problems caused by malicious bots on the Internet, many bots are doing good things. These beneficial bots may help a site get better exposure, provide better product recommendations, or monitor critical online services. The most famous good bot is the Googlebot, which crawls links to build the search engine many of…

ATM hackers switch to network-based attacks

More and more attacks against ATMs are network-based, Trend Micro researchers have found. Since the discovery of the first ATM malware back in 2009, criminals have concentrated on opening the ATM’s case and accessing the machine’s internals to boot the malware up from an external USB or CD. But lately, as banks have ramped up…