Established provider LexisNexis Risk Solutions remains atop Forrester's digital fraud management rankings, while upstart Sift broke into the leaders category for the first time. Many providers in the space have expanded from payment transactions to account takeover fraud as well as handling scams.
In the aftermath of the pandemic and global political unrest, the risks of identity and credential theft have surged, and a deluge of scams are exploiting the crisis. Consumers facing disrupted incomes seek credit solutions, and fraudsters seek to exploit them by using application fraud tactics.
Honeypot data collected by CISO Jesse La Grew highlights how attackers continue to target default usernames - including for SSH - together with weak passwords to gain brute force remote access to their targets. Here are essential username, password and remote service practices for combating such attacks.
Ransomware and data exfiltration attacks continue to stick victims with serious bills to cover cleanup, legal and other resulting costs - to the tune of $10.8 million and counting for cloud computing giant Rackspace, for one. Rackspace was hit by the Play ransomware group last year.
Venture-backed cloud security firm Wiz swallowing up publicly traded endpoint security firm SentinelOne would be one of the most unorthodox and surprising acquisitions the cybersecurity industry has ever seen. But despite the major financial hurdles, the potential technology synergies are obvious.
APIs have become increasingly popular as they are used to connect different systems, services and applications. But this makes them an attractive target for cybercriminals who want to exploits flaws and access sensitive data. Here are five critical reasons you need to conduct API security testing.
Various "dark" generative artificial intelligence tools purportedly help criminals more quickly amass victims. Guess what? They've all gone bust, if they weren't simply outright scams - in part because legitimate tools can be "jailbroken" to achieve similar results. What are they really achieving?
ChatGPT set the world on fire six months ago, and since then a slew of companies have released features or products built on or around generative AI - some of them completely legitimate and some of them little more than snake oil. Does AI makes sense everywhere for everything? Absolutely not.
Spanish police estimate that a group that mainly targeted ATMs of Spanish national banks using cloned payment cards had fraudulently pocketed nearly 196,000 euros. Authorities arrested three suspected members of the group Sunday in the Spanish coastal city of Valencia.
Real-time protection against API attacks is nonnegotiable for the protection of any web application or digital service that relies on application programming interfaces. Here are some of the most common types of API attacks and strategies for protecting against them in real time.
Why are so many fresh zero-day vulnerabilities being exploited in the wild? Google reported that attackers often discover variants of previously exploited flaws, which suggests that vendors aren't doing enough to fix the root cause of flaws - or to avoid introducing fresh ones with their fixes.
Is the Akira ransomware story coming to an end? Security researchers say the group was competing in a competition designed by Royal to give it a new cryptolocker - but lost. Even with a free decryptor now available for Akira victims, however, it's too soon to say if the group might be doomed.
A startup founded by two Israel Defense Forces veterans and backed by the likes of Insight Partners and Cyberstarts could soon be acquired by CrowdStrike. The endpoint security firm is in advanced negotiations to purchase Silicon Valley-based application security posture management vendor Bionic.
The world is moving on from magnetic stripe payment cards, with one notable exception: the United States. Credit card issuers, banks and consumers agree the magnetic stripe is prone to hacking - so why is one of the largest markets for plastic payment still clinging to decades-old technology?
Application security testing, or AST, and API security testing are important components of a comprehensive cybersecurity strategy. We'll discuss the application and API security best practices for each type of testing, the use cases, and how they protect your business from cyberattacks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.