Search

Home > Down the Security Rabbithole > DtSR Episode 185 - NewsCast for March 15th 2016


	Podcast:		Down the Security Rabbithole
	Episode:		DtSR Episode 185 - NewsCast for March 15th 2016
	Category:		Technology
	Duration:		00:42:28
	Publish Date:		2016-03-21 00:31:04
	Description:		In this episode... The FTC is getting into providing guidance on password changes Well OK, this isn't really guidance, it's just a blog But - does this mean that the FTC is getting into technical guidance? https://www.ftc.gov/news-events/blogs/techftc/2016/03/time-rethink-mandatory-password-changes Dwolla hit by CFPB and fined $100,000 Who is the CFPB (Consumer Finance Protection Bureau)? This opening sentence is crucial: "The Consumer Financial Protection Bureau (Bureau) has reviewed certain acts and practices of Dwolla, Inc. (Respondent, as defined below) and has identified the following law violations: deceptive acts and practices relating to false representations regarding Respondent’s data-security practices in violation of Sections 1031(a) and 1036(a)(1) of the Consumer Financial Protection Act of 2010 (CFPA), 12 U.S.C. §§ 5531(a), 5536(a)(1)" http://files.consumerfinance.gov/f/201603_cfpb_consent-order-dwolla-inc.pdf http://blog.dwolla.com/we-are-never-done/ FTC To Study Credit Card Industry Data Security Auditing The FTC is asking for specific information from a specific number of companies (9 of them in total) Studying "how companies and their assessors interact" - is that code for something? Interesting to see what the FTC will do with this? https://www.ftc.gov/news-events/press-releases/2016/03/ftc-study-credit-card-industry-data-security-auditing Bengladesh bank hackers steal ~$100M There is definitely more to this story Lots of finger-pointing, failed/unknown processes in SWIFT clearinghouse Was this account compromise? System compromise? An insider threat? All of the above? http://www.bankinfosecurity.com/bangladesh-bank-hackers-steal-100-million-a-8958
	Total Play:		0