Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

LastPass users are being urged to change master passwords and enable multi-factor authentication for all accounts. [Read More]
Check Point security researchers publish findings from a deep-dive into DoubleFeature, a component of the Equation Group’s DanderSpritz post-exploitation framework. [Read More]
DuckDuckGo plans to ship a privacy-centric desktop browser built from scratch to compete with Google’s Chrome and Microsoft’s Edge. [Read More]
The Apache HTTP Server 2.4.52 is listed as urgent and CISA is calling on user to “update as soon as possible.” [Read More]
Patient data and other information potentially compromised during unauthorized access to Monongalia Health System emails. [Read More]
A long-term phishing experiment at a 56,000-employee company ends with a caution around the use of simulated phishing lures in corporate security awareness training exercises. [Read More]
French video game company Ubisoft this week confirmed that 'Just Dance' user data was compromised in a recent cybersecurity incident. [Read More]
Scammers targeted tens of millions of users in 90 countries, stealing $80 million per month. [Read More]
Five Russian nationals have been charged with hacking US networks and trading on non-public information. [Read More]
As the scale and impact of the Log4j security crisis become clearer, defenders brace for a long, bumpy ride filled with software-dependency headaches. [Read More]

FEATURES, INSIGHTS // Fraud & Identity Theft

rss icon

Alastair Paterson's picture
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
Josh Lefkowitz's picture
The abundance of compromised card data and other assets available online continues to hinder the fight against card-not-present (CNP) fraud.
Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Travis Greene's picture
While a credit freeze can protect against the opening of fraudulent credit accounts, it is not an inoculation against identity theft. What can be done to help protect identities and the attributes associated with them?
Ting-Fang Yen's picture
The attackers may be looking for the path of least resistance, but there is no shortcut to securing your platform.
Lance Cottrell's picture
In addition to basic credit monitoring, breached companies need to get ahead of the attacks and start providing security solutions that actually protect the victims before they are victimized again.
Torsten George's picture
While effective at curbing “petty crimes” such as credit skimming / cloning, EMV does not address more sophisticated cyber-attacks that target backend systems which contain card holders’ most sensitive information.
James Foster's picture
Many fraudulent accounts are mere satire or innocuous trolling, but others are created with far more devious intentions.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Mark Hatton's picture
They always say in the investment world that cash is king. We are now seeing that in terms of cyber as well. Stealing cash, it’s even better than stealing money.