Federal prosecutors have charged a Long Island company, along with seven of its employees, with selling vulnerability-laden Chinese technology to the U.S. military and other agencies for a decade and passing the gear off as American made.
The latest edition of the ISMG Security Report offers an analysis of how Twitter allegedly was used to spy on critics of the Saudi Arabian government. Also featured: A preview of the new NIST Privacy Framework and an update on business email compromise attacks.
In December, PCI SSC plans to publish a new standard for solutions that enable "tap and go" transactions on merchant smartphones and other commercial off-the shelf mobile devices. Troy Leach, the council's CTO, offers insights on the role the standard will play in enhancing security for smaller merchants.
How do you know if you are protecting your real-time communication networks from unwanted calls coming in that appear to be valid, but in fact they are malicious attempts to tie up communication applications such as IVRs or PBX trunks with long call duration times?
Telephone Denial-of-Service (TDoS) attacks are...
Telecommunications fraud continues to cost carriers and enterprises tens of billions of dollars per year. Bad actors often cover a broad set of call scenarios - from IP-PBX hacking, to subscription fraud, to Wangiri (one ring and cut) making it hard to detect and resolve.
Built for both carriers and enterprises,...
A Trend Micro employee stole and then sold contact information for 68,000 of the company's consumer subscribers, which led to a raft of unsolicited tech support scam calls, the company says. The employee has been fired. The incident highlights the risk of insider threats.
The U.S. Department of Justice has charged three men with perpetrating a campaign to infiltrate Twitter and spy on critics of the Saudi government. Two of the suspects formerly worked for Twitter, allegedly feeding details to Saudi handlers that could be used to identify and locate critics of the Saudi regime.
Only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But even when they are enabled and your domain is more secure, 81% of phishing attacks still continue to sail right through to the end-user.
In this webinar, Roger Grimes,...
Alleged Capital One hacker Paige A. Thompson has been released from prison and will stay in a halfway house until her trial in federal court next year. Prosecutors allege that Thompson stole over 100 million records from the bank earlier this year.
A handful of common lures still have astounding success in compromising computers: phishing emails, malicious links and the king of them all: the malicious Microsoft Office document. But Microsoft is introducing virtualized containers in Office 365, which will isolate untrusted documents.
What's the best way to spring your citizens from foreign jail if they've been detained on U.S. hacking charges? That's a question that continues to plague Russia, including in the ongoing case against Aleksey Burkov, who's been charged with being part of a $20 million payment fraud scheme.
Business email compromise scams continue to proliferate. Last week, Japanese media company Nikkei revealed that an employee made a $29 million fraudulent transfer as a result of a scam. And in a separate scam, the city of Ocala, Florida, suffered losses of over $742,000.
Many businesses don't seem to be able to block the ongoing scourge of sophisticated business email compromise schemes. "Incidents are just increasing; there's a huge volume of business email compromise," says David Stubley, CEO at 7 Elements, a security testing firm and consultancy.