The gang behind the Carbanak banking malware - tied to $1 billion in fraud - has changed tactics, using upgraded malware via spear-phishing attacks, a security expert warns. Separately, a new banking Trojan called Shifu has been targeting Japanese banking customers.
Even if they know their companies' current security solution isn't effective, many IT managers are under the false impression that it's simply too complicated, costly and time consuming to make a change. Did you know it can be more complicated, costly and time consuming to stick with your existing, sub-par...
The most recent HP Security Cyber Risk Report revealed that vulnerabilities in production software are still pervasive. Finding software vulnerabilities is only part of the battle; actually fixing those vulnerabilities can sometimes be an elusive goal, especially when you lack access to the code. Using Runtime...
Applications are a primary target for cyber attacks. Historically, Web Application Firewalls (WAFs) have been a popular choice for protecting production applications from attack. But they have their limitations, and advice on how to bypass a WAF is readily available. Learn how context from within the application...
Four years after the FFIEC issued its updated authentication guidance, many banking institutions say account takeover losses have gone up, a new survey shows. John LaCour of PhishLabs explains why institutions' reactive approach to fraud is failing.
Government agencies used to be the top attack target, as well as the top source of threat intelligence. How did the private sector turn the tables, and what can government do to improve? Rapid7's Wade Woolwine offers insight.
In the wake of hacker attacks, which have left healthcare providers uncertain about what security steps to take, the Office of the National Coordinator for Health IT is working to help organizations sort out role-based identity and access management issues, says ONC's privacy officer, Lucia Savage.
Information security experts offer two timely Apple iOS device reminders: First, never jailbreak the devices. Second, enterprise security managers must ensure that they ruthlessly block any jailbroken devices from accessing corporate networks because they pose a security risk.
The bad news is that the new KeyRaider malware has so far compromised more than 225,000 Apple accounts worldwide. The good news, according to Ryan Olson of Palo Alto Networks, is that only modified, or "jailbroken," ioS devices are at risk.
If malware infections and data breaches are inevitable, then why should organizations even try to be proactive? Isn't a reactive stance more appropriate? Not so, says Marcin Kleczynski, CEO of Malwarebytes.
The FBI estimates fraud losses linked to so-called business email compromise scams worldwide have exceeded $1.2 billion in less than a year. But some financial fraud experts say the losses from this largely overlooked threat could be even higher.
Cybersecurity risks to medical devices will become an even more critical issue for healthcare organizations to address next year because of the need to maintain patient trust, says Rob Potter of Symantec.
CISOs who want to keep more cyber-attacks from succeeding should focus on decreasing the half-life of vulnerabilities, which refers to the amount of time it takes half of all systems affected by a vulnerability to get patched. That's the advice from Qualys' Wolfgang Kandek.
Money alone won't solve cybersecurity challenges that government agencies - or, for that matter, any organization - face. But pumping up the security budget can't hurt, either.
Significant cost drivers have placed the cloud firmly in the sights of CIOs. Unfortunately, these drivers have often been stalled by a fear that the cloud is an exposed environment that is not only difficult to secure but also a regulatory nightmare. Fortunately, there are concrete mechanisms that can protect cloud...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.