Brokerage account takeover, supply chain attacks, destructive attacks and those that seek to manipulate time or time stamps are among the latest threats uncovered in the new Modern Bank Heists report authored by Tom Kellermann at VMware Carbon Black.
The key to reducing AppSec risk is pretty simple. It all starts with AppSec visibility and everyone looking at the same data. AppSec visibility data provides the necessary insights to assess risk and drive accountability, to make the right business and operational decisions, and of course to prioritize remediation...
CISA and the FBI warn in a new alert that unidentified nation-state actors are scanning for three vulnerabilities in Fortinet's operating system, FortiOS, to potentially target government agencies and companies for cyberespionage.
Webinar will go live on Wednesday 5 May at 11 am AEDT.
With more and more companies moving to DevOps, that statistic is likely to grow: increased demand for more applications, delivered faster, means more chance for error. The good news is that these application vulnerabilities are extremely preventable through...
A malvertising campaign that purports to offer Telegram's desktop app for Windows is persisting. A security researcher based in Switzerland, who nearly fell for the ruse, takes a deep dive into the campaign.
With millions of sports fans to cater to, DAZN has secure applications high on its agenda. Security comes from the top (their c-suite) and rolls down to their software developers who understand the value of a secure application. Application Security Testing (AST) solutions are imperative to DAZN, so they deliver...
In financial services, there is a stark difference between defending against authorized versus unauthorized fraud incidents. James Hunt of Bottomline Technologies discusses the schemes and how to respond with a more dynamic prevention strategy.
Gone are the days when an organization’s applications ran behind a firewall protected by a secure network perimeter. Today, web and mobile applications are the perimeter. But at many organizations, this change has not been supported by increased investment in application security. Instead, the emphasis remains on...
PerimeterX was named a leader in The Forrester New Wave™: Bot Management, Q1 2020. According to the report, PerimeterX “leads the pack with robust machine learning and attack response capabilities” and includes a customer quote stating that PerimeterX Bot Defender “was extremely easy to deploy in production...
When evaluating application security vendors, you have a great deal to consider. Understanding your goals will help.
If your goal is vendor consolidation, then selecting vendors that offer multiple security capabilities over single products may make more sense. If your goal is out-of-the-box functionality then...
Joker's Stash, the notorious underground marketplace that has specialized in the sale of stolen payment card data, is reportedly shutting down in February with its administrator claiming he will "retire" at that time, according to Gemini Advisory. Researchers say fraudsters will quickly move to other sites.
Why Start With Identity?
As more government organizations move their citizen services to mobile and cloud-based platforms, ensuring the validity of those benefits claims is more important than ever. Many are adopting an identity-centric security model as a framework for prevention of risk and fraud.
A recently uncovered remote access Trojan, dubbed ElectroRAT, has been stealing cryptocurrency from digital wallets over the past year, according to researchers at Intezer Labs. The malware, written in Golang, can target Windows, Linux and macOS platforms.
Identity management will be at the forefront of securing remote work in the coming year. Jason Bohrer, new leader of the Secure Technology Alliance and the U.S. Payments Forum, describes key initiatives as he steps into this role.
A recently uncovered payment card skimmer is targeting several large content management systems that support the online checkout pages of dozens of e-commerce sites, according to researchers with Sansec. The malware works by using a keylogger to harvest payment and personal data.