NEWS & INDUSTRY UPDATES

Cisco warns that these vulnerabilities could be exploited by attackers to reboot devices, elevate privileges, or overwrite and read arbitrary files.
A critical security flaw in HAProxy could lead to HTTP request smuggling attacks, allowing attackers to bypass security controls and access sensitive data without authorization.
The U.S. government's CISA and OMB are seeking the public’s opinion on draft zero trust strategic and technical documentation.
Microsoft patches a vulnerability in Azure Container Instances that could allow access to other customers’ information.
Zoho confirms attacks against an authentication bypass vulnerability in its ADSelfService Plus product.
Howard University closed its physical campus and canceled classes this week after experiencing a ransomware attack.
The Android Security Bulletin for September 2021 includes patches for a total of 40 vulnerabilities, including seven that are rated critical.
The agency's guidance is aimed at three main decision-maker groups and should help reduce overall risks associated with Managed Service Providers (MSPs).
The high severity vulnerability could be exploited by malicious actors on the local network to execute code remotely when the user attempts to send an HTTP request.
Jenkins confirms the recent Confluence CVE-2021-26084 exploit was used to compromise one of its servers to deploy a cryptocurrency miner.

FEATURES, INSIGHTS // Fraud & Identity Theft

Joshua Goldfarb: The question of the importance of the state of a client device is a debate that has been around for a few years in the security field.
Idan Aharoni: Fraudsters will determine who to target within the industry based on each service’s fraud prevention policies and maturity, rather than generally targeting the industry.
Joshua Goldfarb: Josh Goldfarb debunks the most common myths surrounding fraud, security and user experience.
Joshua Goldfarb: Josh Goldfarb discusses what enterprises can do to mitigate risk and limit losses from account takeover (ATO) fraud, account opening (AO) fraud, and payment fraud.
Idan Aharoni: Proposed Distributed Account Information Certification (DAIC) enables organizations to quickly and securely validate the bank account information of companies before they send payments.
Joshua Goldfarb: By implementing controls to prevent fraud and implementing fraud monitoring capabilities, state agencies can greatly reduce the amount of unemployment fraud that happens under their auspices.
Joshua Goldfarb: For any fraud detection solution to be practical, it must be easily integrated into security and fraud operations.
Joshua Goldfarb: Facts, data, and evidence are extremely important to properly detecting, preventing, and investigating both security incidents and fraud incidents.
Joshua Goldfarb: Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Laurence Pitt: Although robocalls are a pain for many of us, action is being taken to bring the problem under control.