To stop fraudsters, iovation's John Marsden wants organizations not just to ask customers to verify their personal details. He also wants organizations to take a good, hard look at the devices that alleged customers are using.
Magecart, the criminal group behind the recent data breach at certain Ticketmaster websites, may have also hit the company's sites in Australia, New Zealand, Turkey and Hungary, according to RiskIQ, which says the group's digital payment card skimmers may also affect as many as 800 other e-commerce sites.
Attackers have stolen $23.5 million in cryptocurrency from Bancor, which is developing a decentralized exchange. The cause of the hack may have been a failure by Bancor to protect authentication keys that allowed for changes in its token smart contracts.
Aaron Sherman, who recently made the transition from serving as an FBI agent investigating cybercrime and nation-state threats to working at Braintrace on ways to improve detection and response efforts, shares insights on the career change.
Every application should be protected the same way no matter where it resides, rather than focusing on a "perimeter" approach, says Doug Copley of Duo Security, who describes a "zero trust" approach.
Federal regulators are reminding organizations about the importance of identifying and patching software vulnerabilities. But why are these seemingly basic security steps so challenging for so many?
It's a fair question: Can you trust the fraud advice you're given from a former fraudster? Especially one who's betrayed law enforcement before? Brett Johnson says he's abandoned crime for good, and he shares insight on the types of fraud schemes he once practiced.
Aite's Julie Conroy calls it a "perfect storm." In the post-EMV U.S., and in the wake of massive data breaches and the move to mobility, financial institutions are besieged by a new flood of new account fraud. How can data analytics help them improve fraud prevention?
The U.K. has approved a plan to build a cutting-edge court complex in London designed to handle cybercrime, fraud and economic crime. The facility is expected to be a growth driver for the country's legal industry, despite the U.K.'s pending withdrawal from the European Union.
If 2017 was the year of ransomware innovation, 2018 is well on its way to being known as the year of cryptocurrency mining malware. Numerous studies have found that the most seen malware attacks today are designed for cryptojacking. But while ransomware campaigns may be down, they're far from out.
To have any hope of keeping up "with the exponential rise in variants in malware," organizations must reduce their attack surface, in part by using technology designed to learn what attacks look like and respond as quickly as possible, says Cylance's Anton Grashion.
Open source software components may be free, but that doesn't automatically make them safe to use. "There can be risks involved," says Steve Giguere, of Synopsys, who says these risks are often compounded by the pressure to deliver goods to market quickly and with new features.
As organizations move more data into the cloud, too many are treating security as an afterthought, says Outpost24's Bob Egner. Instead, as part of an agile development program, he recommends making penetration testing a constant, and using solid DevSecOps to maintain optimal cloud data security.
Cryptocurrency money laundering is increasing dramatically, being already three times greater than in 2017. And we're only half way through the year, observes Dave Jevans, Founder and CEO of CipherTrace, and chairman of the Anti-Phishing Working Group.
Old technology never dies, but rather fades "very slowly" away, as evidenced by there being 21 million FTP servers still in use, says Rapid7's Tod Beardsley. Rapid7's scans of the internet have also revealed a worrying number of internet-exposed databases, memcached servers and poorly secured VoIP devices.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.