Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Pizza Hut hacked. Users who placed an order on the website or via the mobile app may have had their credit card data stolen [Read More]
Sample data provided by scammers claiming to have hacked Equifax may have come from another company’s unprotected QA servers [Read More]
41 Hyatt hotels in more than a dozen countries hit by payment card breach. This is the second breach discovered by the company within two years [Read More]
Fast food restaurant chain Sonic Drive-In confirms payment card breach and offers affected customers free identity theft protection services [Read More]
US officials are studying ways to end the use of social security numbers for identification following a series of data breaches compromising the data for millions of Americans, a Trump administration official said Tuesday. [Read More]
Amazon-owned Whole Foods Market warns customers that their payment card data may have been stolen [Read More]
Fast food restaurant chain Sonic Drive-In apparently suffered a payment card breach that may affect millions of people [Read More]
Department of Homeland Security finally notifies U.S. states whose voting systems were targeted by Russian hackers last year [Read More]
Equifax advised victims of the recent breach on Twitter to access a fake support website instead of equifaxsecurity2017.com [Read More]
The recent Equifax breach affects roughly 100,000 Canadian consumers, but the company’s Canada systems are not impacted [Read More]

FEATURES, INSIGHTS // Fraud & Identity Theft

rss icon

Idan Aharoni's picture
Cooperation in the underground economy could enable a fraudster in Russia who masters the art of phishing to team up with another fraudster who already has the infrastructure of cashing out compromised online banking accounts of US banks.
Noa Bar-Yosef's picture
Companies are increasingly seeing the benefits of using social technologies both for internal and external purposes. What is the security impact of this trend? What should security teams think about?
Idan Aharoni's picture
To maximize profits, fraudsters need to do a lot of learning. They can either learn techniques of areas they haven't focused on yet, learn better techniques in the field they already specialize in, or learn new cover stories to improve the techniques they already use.
Idan Aharoni's picture
The worlds of counter terrorism and fraud prevention should increase their ties. Systems that are already implemented in one world may be applied to the other. Solution providers and policy makers from both worlds need to meet up and share ideas, thoughts and experience for the benefit of both.
Idan Aharoni's picture
A bank that will fail to give fraud departments the power to make the necessary changes to its internal processes, may end up in a situation where everyone knows how and why fraudsters are stealing money from their bank – yet nothing can be done to stop it.
Robert Vamosi's picture
Some newer POS systems in the US have built-in authentication systems designed to protect merchants against the addition of fraudulent PIN pads. Should PCI now require retail businesses to upgrade to newer and better technology?
Idan Aharoni's picture
Unlike real-world dumpster diving, "electronic dumpster diving" can enable cybercriminals to access all the documents currently held by the user, not just those that were thrown away.
Noa Bar-Yosef's picture
Second column in a series describing the hottest commodities found in underground markets. We continue to explore the trending “commodities” in these markets and how to protect from your data being exchanged in these markets.
Christopher Justice's picture
To mitigate data security risks at the Point of Sale (POS), retailers are building and implementing technical control systems to monitor data traffic and tokenizing and encrypting data, to increase security. But often times, simple preventative solutions are taken for granted and get lost in all of the rhetoric.
Idan Aharoni's picture
While fraudsters may be equal in terms of rank, when it comes to sophistication – they are not. Much like in the hacking community, the higher the sophistication level of individuals, the lesser they are in numbers.