Security experts advise banking institutions to take several steps, including enhancing authentication and ramping up commercial customer education, as a result of an increase in sophisticated online banking attacks involving a new variant of Dyre malware.
The Trojan "Laziok" targets energy firms throughout the Middle East, India, the U.S. and the U.K., warn security researchers at Symantec. The malware attempts to exploit a Microsoft Office bug patched in 2012.
Businesses targeted by ransomware attacks are increasingly willing to negotiate with - and even pay - their extortionists. But negotiating with cyberthieves is never a good idea.
The FFIEC warns U.S. financial institutions that they're at increased risk from attacks that are designed to harvest large amounts of credentials, as well as from destructive "wiper" malware attacks.
Experts debate the value of new PCI guidance for how businesses should use penetration testing to identify network vulnerabilities that could be exploited for malicious activity. Does the new advice go far enough?
To help take down global "carding" rings, the U.S. Justice Department wants to expand current law so it can prosecute those who commit fraud anywhere in the world that involves U.S. payment card data.
While the Indian finance ministry has announced incentives for banks to curb cash transactions and encourage the use of payment cards, security experts caution CISOs about authentication and fraud risk.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
Target Corp.'s pending settlement of a consumer class action lawsuit is more about public relations than compensating victims, some observers say. But will it have an impact on a pending suit filed by banks?
Security experts warn ATM operators to ensure their machines are locked down in the wake of ATM manufacturer NCR's warning that it is investigating a series of USB-port hack attacks on ATMs in India.
As data breaches continue to multiply, employers must not overlook how intrusions could lead to the theft of employees' identities, paving the way for fraud, says ID theft expert Johnny May. He will keynote the March 24 Fraud Summit Atlanta.
A federal banking regulatory agency has issued a warning about a new phishing campaign that aims to con consumers into disclosing personal and financial details by feigning to be a request from the regulator.
When Todd Davis helped found LifeLock in 2005, ID fraud was a niche consumer issue. Today it's a major enterprise risk. What are today's top fraud threats, and where are some of the surprising security gaps?
More hackers are holding data for ransom, demanding everything from bitcoins to the shutdown of nuclear reactors, under the threat of leaking sensitive information. But it's not clear how many such attacks generate revenue for attackers.
Ransomware attacks are getting more agile, varied and widespread, and are increasingly taking aim at businesses of all sizes in all sectors, rather than consumers. That's why employee education is so critical.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.