The latest update to PCI DSS, version 4.0.1, introduces a critical focus on phishing-resistant authentication factors to combat evolving cyber threats. Yew Kuann Cheng, regional vice president for the Asia Pacific at the PCI Security Standards Council, emphasizes that businesses leveraging advanced anti-phishing technologies can more efficiently meet multi-factor authentication (MFA) requirements.

The Consumer Financial Protection Bureau (CFPB) has approved Financial Data Exchange (FDX) as the first official standard-setting body under its new open banking framework.

The Office of the Comptroller of the Currency (OCC) has issued a cease-and-desist order against Bank of America, N.A., citing significant deficiencies in the bank’s Bank Secrecy Act (BSA) and sanctions compliance programs. The enforcement action highlights violations and unsafe practices, including delays in filing suspicious activity reports and unresolved issues in the bank’s Customer Due Diligence processes.

Frax Finance has launched frxUSD, a rebranded version of its FRAX stablecoin, aiming to set new standards in decentralized finance (DeFi) and stablecoin transparency.

The rapid adoption of generative AI (GenAI) has prompted a seismic shift in how organizations approach application security. A report by Cycode reveals that 72% of security leaders agree a complete reset of strategies is essential to address the challenges posed by AI.

The U.S. Department of Justice (DoJ) has implemented a final rule enforcing Executive Order 14117, aimed at curbing the mass transfer of Americans’ personal data to countries of concern, including China, Cuba, Iran, North Korea, Russia, and Venezuela.

The cyber threat group known as Cloud Atlas, also referred to as Clean Ursa, Inception, Oxygen, and Red October, has been observed using a newly identified malware called VBCloud in its recent attack campaigns.