Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

National Stores, which operates over 300 Fallas and other clothing stores across the U.S., admitted that hackers had access to its payment systems for five months [Read More]
Bell Canada informed customers that their information was illegally accessed. Names, email addresses and other data on 100,000 individuals compromised [Read More]
High-Tech Bridge improves Trademark Monitoring Radar with new feature designed to identify squatted or fraudulent accounts on social networks and code repositories [Read More]
Clothing retailer Forever 21 informed customers that malware collected data from its payment systems for a period of more than 7 months [Read More]
Organizations are getting better at detecting breaches, but attackers are also working on improving their tactics and techniques [Read More]
The SEC's Cyber Unit filed charges against and froze the assets of Dominic Lacroix, a Canadian with a history of securities law violations, and his company PlexCorps in an initial coin offering fraud. [Read More]
PayPal suspends operations of its subsidiary TIO Networks after the discovery of a data breach that affects 1.6 million customers [Read More]
Russian lawmaker’s son, already sentenced to 27 years in prison in the U.S. for cyber crimes, gets another 14-year prison sentence [Read More]
Bulletproof Coffee has sent out several payment card breach notifications in the past year. The company is having difficulties keeping hackers out [Read More]
Forever 21 investigating payment card breach, but only few details were provided by the company [Read More]

FEATURES, INSIGHTS // Fraud & Identity Theft

rss icon

Alan Wlasuk's picture
No more fertile ground for security breaches exists in the United States than our colleges and universities. A higher education student database is an identity thief’s dream come true.
Idan Aharoni's picture
Cooperation in the underground economy could enable a fraudster in Russia who masters the art of phishing to team up with another fraudster who already has the infrastructure of cashing out compromised online banking accounts of US banks.
Noa Bar-Yosef's picture
Companies are increasingly seeing the benefits of using social technologies both for internal and external purposes. What is the security impact of this trend? What should security teams think about?
Idan Aharoni's picture
To maximize profits, fraudsters need to do a lot of learning. They can either learn techniques of areas they haven't focused on yet, learn better techniques in the field they already specialize in, or learn new cover stories to improve the techniques they already use.
Idan Aharoni's picture
The worlds of counter terrorism and fraud prevention should increase their ties. Systems that are already implemented in one world may be applied to the other. Solution providers and policy makers from both worlds need to meet up and share ideas, thoughts and experience for the benefit of both.
Idan Aharoni's picture
A bank that will fail to give fraud departments the power to make the necessary changes to its internal processes, may end up in a situation where everyone knows how and why fraudsters are stealing money from their bank – yet nothing can be done to stop it.
Robert Vamosi's picture
Some newer POS systems in the US have built-in authentication systems designed to protect merchants against the addition of fraudulent PIN pads. Should PCI now require retail businesses to upgrade to newer and better technology?
Idan Aharoni's picture
Unlike real-world dumpster diving, "electronic dumpster diving" can enable cybercriminals to access all the documents currently held by the user, not just those that were thrown away.
Noa Bar-Yosef's picture
Second column in a series describing the hottest commodities found in underground markets. We continue to explore the trending “commodities” in these markets and how to protect from your data being exchanged in these markets.
Christopher Justice's picture
To mitigate data security risks at the Point of Sale (POS), retailers are building and implementing technical control systems to monitor data traffic and tokenizing and encrypting data, to increase security. But often times, simple preventative solutions are taken for granted and get lost in all of the rhetoric.