Weekly News Roundup: August 30, 2013

Some news highlights from around the world this week related to card fraud, hacking and the PCI DSS:

Bank Info Security – Recent Retail Breaches Connected – A malware attack that exploited a point-of-sale software vulnerability within systems used by a select group of Kentucky and Southern Indiana retailers has now been linked to attacks against grocery chain Schnuck Markets Inc. and four other merchants earlier this year.

The Moscow Times – Ex-Soviet Hackers Play Outsized Role in Cyber Crime World – The breadth and sophistication of services sold on Russian-language websites such as Forum.zloy.bz or Forum.evil offer a small window onto a Russian criminal underground that is costing Western firms billions of dollars in credit card and online banking fraud as well as “phishing” attempts to lure people into downloading malware or disclosing passwords. In a country where wages are lower than in the West and life is expensive, and one that has long produced some of the world’s best mathematicians, the temptation to turn to crime is great. And the hackers are generally ahead of the people trying to catch them.

SC Magazine – Raising the Standard of PCI DSS – The upcoming v3.0 revision of the Payment Card Industry Data Security Standard (PCI DSS) is expected to have changes that concentrate on providing education, flexibility and emphasizing security as a shared responsibility.