Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Duo Security creates open source tools and discloses techniques for identifying large-scale Twitter botnets – based on the analysis of 88 million accounts and over half-a-billion tweets [Read More]
U.S. Justice Department’s Cyber-Digital Task Force publishes first report, covering the threat to elections, cybercrime schemes, FBI’s role in incident response, and cyber personnel recruitment [Read More]
The losses and potential losses reported as a result of business email compromise (BEC) and email account compromise (EAC) scams exceed over $12 billion globally, says the FBI [Read More]
Two more individuals, a hedge fund manager and a securities trader, have been convicted by a U.S. court for their role in a $30 million newswire hacking scheme [Read More]
German web hosting firm DomainFactory shuts down forum following data breach. Hacker gained access to sensitive data, including banking information [Read More]
US securities regulators announce insider trading charges against a former Equifax manager who sold shares in the company before it disclosed a giant data breach [Read More]
France has joined the US and Russia in seeking the extradition of a Russian held in Greece for allegedly laundering $4 billion using the bitcoin digital currency [Read More]
Two individuals pleaded guilty over their role in a loan fraud scheme that involved data stolen in the 2014-2015 data breach at the U.S. Office of Personnel Management (OPM) [Read More]
UK retailer Dixons Carphone investigating hacker attack impacting millions of customers, including their payment card data [Read More]
Operation Wire Wire: 74 people arrested, including 42 in the U.S., as part of an international law enforcement operation targeting business email compromise (BEC) scams [Read More]
FEATURES, INSIGHTS // Fraud & Identity Theft
No more fertile ground for security breaches exists in the United States than our colleges and universities. A higher education student database is an identity thief’s dream come true.
Cooperation in the underground economy could enable a fraudster in Russia who masters the art of phishing to team up with another fraudster who already has the infrastructure of cashing out compromised online banking accounts of US banks.
Companies are increasingly seeing the benefits of using social technologies both for internal and external purposes. What is the security impact of this trend? What should security teams think about?
To maximize profits, fraudsters need to do a lot of learning. They can either learn techniques of areas they haven't focused on yet, learn better techniques in the field they already specialize in, or learn new cover stories to improve the techniques they already use.
The worlds of counter terrorism and fraud prevention should increase their ties. Systems that are already implemented in one world may be applied to the other. Solution providers and policy makers from both worlds need to meet up and share ideas, thoughts and experience for the benefit of both.
A bank that will fail to give fraud departments the power to make the necessary changes to its internal processes, may end up in a situation where everyone knows how and why fraudsters are stealing money from their bank – yet nothing can be done to stop it.
Some newer POS systems in the US have built-in authentication systems designed to protect merchants against the addition of fraudulent PIN pads. Should PCI now require retail businesses to upgrade to newer and better technology?
Unlike real-world dumpster diving, "electronic dumpster diving" can enable cybercriminals to access all the documents currently held by the user, not just those that were thrown away.
Second column in a series describing the hottest commodities found in underground markets. We continue to explore the trending “commodities” in these markets and how to protect from your data being exchanged in these markets.
To mitigate data security risks at the Point of Sale (POS), retailers are building and implementing technical control systems to monitor data traffic and tokenizing and encrypting data, to increase security. But often times, simple preventative solutions are taken for granted and get lost in all of the rhetoric.
SecurityWeek Daily Briefing
- DDoS-Capable IoT Botnet 'Chalubo' Rises
- Fortinet Tackles Insider Threats with ZoneFox Acquisition
- Triton Malware Linked to Russian Government Research Institute
- Super Micro to Customers: Chinese Spy Chips Story Is Wrong
- Oracle Adds New Security Services to Cloud Platform
- Mozilla Offers VPN Service to Firefox Users
- Plaintext Passwords Often Put Industrial Systems at Risk: Report
- The Rise of The Virtual Security Officer
- Japan Orders Facebook to Improve Data Protection
- Cisco, F5 Networks Investigate libssh Vulnerability Impact
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy