When it comes to fraud, enterprise data has a story to tell, and it's up to security and fraud leaders to know how to interpret that story. Jim Apger of Splunk discusses reading and reacting to these stories.
If operational technology systems need to get connected to IT systems, it's essential to have tight controls on the network, says Lam Kwok Yan, professor of computer science and engineering at Nanyang Technological University in Singapore.
The rollout of EMV in the U.S. has transformed the card fraud landscape, with a major shift to online channels, says Shamoun Siddiqui, CISO at retailer Neiman Marcus.
Critical infrastructure, including electricity grids and telecommunications networks, is under attack. Optiv's Brian Wrozek discusses the challenges CISOs face in dealing with increasingly connected industrial devices.
Payments are getting faster, and so is payments fraud. A robust fraud management strategy focusing on strong authentication, customer education and scalable responses can be instrumental in minimizing payment fraud risk.
A remote code execution vulnerability revealed in late March in the Drupal content management system is now being used on a large scale for mining the virtual currency monero, a researcher says. At least 400 websites have been infected, and the total number is likely far higher, security experts warn.
Security vendor ProtectWise says a series of operating mistakes has allowed it to gain insight into a group, believed to be affiliated with Chinese intelligence, that specializes in stealing code-signing certificates. The certificates allow for the signing of malware that's unlikely to raise security alarms.
Cybersecurity and fraud prevention functions need to start working more closely together to share and leverage cross-functional knowledge that can help improve security, says Michael Thelander of iovation.
Brett Johnson stole millions in a fraud career that made him one of the FBI's most wanted criminals. But now he's sharing his secrets to help organizations fight fraud. Why the change of heart?
Leading the latest edition of the ISMG Security Report: Cambridge Analytica shuts down, saying it's lost all of its customers, and Australia's Commonwealth Bank spots a big, bad potential data breach.
What matters most, right now, to the information security community? At RSA 2018, RSA's president said WannaCry was a wakeup call for vulnerability and risk management. Other experts see artificial intelligence, machine learning and secure coding as hot trends.
A dozen medication and supply management products from Becton Dickinson and Co. are vulnerable to flaws identified last year in the WPA2 protocol, putting the products at risk for so-called KRACK attacks, according to a federal alert. Such attacks can potentially lead to malware infections.
The attackers behind SamSam ransomware have been focusing not on infecting individuals' computers, but rather the systems of large organizations that they hope will pay for a "volume discount" - in one case, $46,000 - to decrypt all of their systems at once.
Industrial control system environments are tough to hack, because each is unique, says Sergio Caltagirone of Dragos. But the recent emergency of Triton malware shows that attackers have been testing how to compromise some environments, which could have catastrophic results.
Jan Koum, WhatsApp's co-founder, is leaving Facebook. His departure marks another exit of a high-level privacy and security advocate. If Facebook continues to lose those who could better influence the social networking site's worrying views toward user data, what does that mean for the rest of us?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.