Script-based payment card malware continues its successful run, impacting a range of e-commerce sites, security researchers warn. With fraudsters continuing to refine their tactics, countering card-sniffing scripts continues to be difficult.
At ISMG's Fraud Summit in New York, former Black Hat hacker and hacktivist Hector Monsegur explains why security executives need to listen to people like him and why attackers simply won't go away.
Aluminum giant Norsk Hydro has been hit by LockerGoga ransomware, which was apparently distributed to endpoints by hackers using the company's own Active Directory services against it. To help safeguard others, security experts have called on Hydro to release precise details of how it was hit.
As CSO of CDK Global LLC, Craig Goodwin has been part of the rollout of a new API platform that he believes will revolutionize automotive purchasing. Goodwin offers his perspective on security's role in application DevOps.
But can we ever truly be password-free? What does this mean from a technological and security standpoint? How will this impact the digital identity trust we try to establish with our customers?
Here's free software built by the National Security Agency called Ghidra that reverse-engineers binary application files - all you have to do is install it on your system. So went the pitch from the NSA's Rob Joyce at this year's "Get Your Free NSA Reverse Engineering Tool" presentation at RSA Conference 2019.
As a former elected official, Kristin Judge saw first-hand the lack of resources for victims of cybercrime. And so she launched the Cybercrime Support Network, which serves small businesses and consumers.
Web hosting firm XBT/Webzilla's infrastructure was used to attack the U.S. Democratic Party and for 2016 election interference, a former National Security Council official said in a court report filed as part of a since-dismissed defamation lawsuit over the Steele dossier's release.
North Korea's cybercrime capabilities have given the country the ability to flaunt international sanctions by allowing the regime to steal millions in currency not only from banks but also from cryptocurrency exchanges, according to a report from the United Nation's Security Council.
Facebook's data deals continue to be probed. A criminal investigation of Facebook by federal prosecutors in New York has resulted in records being subpoenaed "from at least two prominent makers of smartphones and other devices," the New York Times reports.
A closely held type of point-of-sale malware, DMSniff, is spreading further while another, GlitchPOS, has also emerged. Despite a surfeit of stolen payment card details on the black market, efforts to steal more continue, highlighting the continuing challenges around card security.
In an exclusive interview, IBM Security GM Mary O'Brien talks with ISMG about her first year in this role, addressing the skills crisis, application security, the cloud and how to defend against cyberattacks.
Security needs to keep pace with the application development life cycle to avoid becoming a roadblock, and automation can play an important role, according to David Meltzer and Lamar Bailey of Tripwire.
A variant of the long-running Ursnif banking Trojan is able to better evade security protection and has the ability to steal not only financial information but also email user accounts, the content of inboxes and digital wallets, researchers report.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.