A new Princeton University research paper finds that five major U.S. prepaid wireless carriers are leaving their customers open to SIM swapping attacks. The main culprit is weak account authentication procedures that attackers can easily exploit.
Credential stuffing is a growing problem that's difficult to address, says Troy Hunt, creator of the Have I Been Pwned data breach notification service, who sizes up mitigation efforts.
Spear phishing emails remain the most popular attack avenue for the bad guys, yet most companies still don't have an effective strategy to stop them. This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. Don't get caught in a phishing net! Learn how to avoid...
For two years, an attack group using Ukraine-based infrastructure has been creating hundreds of lookalike domains to target customers of 14 different Canadian banks via phishing attacks, security researchers at Check Point warn.
The notorious Joker's Stash carder marketplace has recently listed for sale 460,000 records, including four "Turkey-Mix" batches that feature never-before-seen payment card data that traces to Turkey's 10 largest banks, says cybersecurity firm Group-IB.
One of the largest fines to date for violating the EU's General Data Protection Regulation has been announced by Germany's federal privacy and data protection watchdog, the BfDI, against 1 & 1 Telecommunications, in part for inadequate authentication mechanisms. The company plans to appeal.
Two Russian men have been charged with stealing more than $100 million from banks around the world using the notorious Dridex malware, according to an unsealed U.S. indictment that caps off a decade-long investigation led by American and British law enforcement agencies.
Victims of a massive 2018 Facebook data breach can continue a class-action lawsuit to try and force the social network to maintain "reasonable" information security practices, a federal judge has ruled. But he dismissed the plaintiff's attempt to receive monetary compensation for the breach.
Adobe says its e-commerce Magento Marketplace has been breached, exposing usernames, email addresses and more. The software giant has yet to detail how many users were affected or the breach duration. Unfortunately, the stolen data could be used to fuel phishing attacks.
Twitter users no longer have to supply a phone number in order to use two-step verification for authentication. The move will better protect accounts from SIM hijacking attempts and also means users don't have to sacrifice some of their privacy to enable a security feature.
Stanislov Lisov, a Russian hacker who helped create the NeverQuest banking Trojan, has been sentenced to four years in federal prison after pleading guilty to one charge.
Watch this live Q&A with Brian Hay, former detective superintendent from the Queensland Police Service and now executive director of Cultural Cyber Security, as he helps organizations understand and develop their business strategies to ensure the highest levels of security.
The 2019 iovation Financial Services Fraud and Consumer Trust Report provides an in-depth analysis of the trends transforming the Financial Services industry in 2019 and explores how businesses can stay relevant and profitable in 2020.
In this report, we address three market drivers in financial...
A pair of Massachusetts men allegedly ran a years-long scheme that used SIM swapping and other hacking techniques to target executives in order to steal more than $550,000 worth of cryptocurrency, the U.S. Justice Department announced Thursday.
One in ten eCommerce dollars is declined during payment authorization. Yet up to 70 percent of these orders are placed by legitimate customers who can afford to make the purchase.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
