The latest edition of the ISMG Security Report analyzes how criminals keep finding new ways to make ransomware victims pay. Also featured: Preventing digital currency counterfeits; a proposed health data privacy framework.
Consumers hate passwords, criminals love them. And while the journey to passwordless authentication takes time, there are lessons to be learned from major global organizations who have started down the path. Dr. Rolf Lindemann of Nok Nok Labs shares insights.
Disruption, distortion and deterioration - these cybersecurity threats are amplified by the ongoing pandemic. Which poses the greatest threat and why? We asked this exclusive panel of CEOs and CISOs, and their responses might surprise you.
The security firm Positive Technologies discovered six vulnerabilities in Palo Alto Networks' PAN-OS, the software that runs the company's next-generation firewalls. The firewall developer has issued patches.
The U.S. Cybersecurity and Infrastructure Security Agency is warning of an increase in targeted distributed denial-of-service attacks against financial and government organizations worldwide. And security firms also are tracking the incidents in these and other sectors.
When startups succeed, they typically hire more employees to handle increasingly specialized tasks. The same goes for ransomware gangs, which, as they grow, have been hiring experts with advanced hacking, encryption, negotiation and other skills to help take down larger targets, says Coveware's Bill Siegel.
A flaw in how contactless cards from Visa - and potentially other issuers - have implemented the EMV protocol can be abused to bypass PIN verification for high-value transactions, ETH Zurich researchers warn. But Visa says the exploits would be "impractical for fraudsters to employ" in real-world attacks.
With apologies to Jay-Z, getting hit with ransomware might make victims feel like they have 99 problems, even if a decryptor ain't one. That's because ransomware-wielding gangs continue to find innovative new ways to extort cryptocurrency from crypto-locking malware victims.
In the three years since Equifax suffered a massive data breach, the consumer credit reporting firm says it has worked tirelessly to overhaul the security shortcomings that allowed the breach to happen. Equifax CISO Jamil Farshchi and other security experts weigh in on important lessons learned.
Ransomware continues to pose a "significant" threat, and email remains one of the top attack vectors being used by both criminals and nation-states, Australia's Cyber Security Center warns in its latest "Cyber Threat Report," which urges organizations to improve their defenses.
European banks are not ready to meet the Dec. 31 deadline to comply with the PSD2 regulation, which requires strong customer authentication when providing API access to banking platforms, says Dr. Steven J. Murdoch, a principal research fellow at University College of London.
The number of cybersecurity incidents reported to the U.K.'s data privacy watchdog has continued to decline, recently plummeting by nearly 40%. But is the quantity of data breaches going down, or might organizations be failing to spot them or potentially even covering them up?
Increasing stress levels for cybersecurity professionals pose a serious organizational security risk, says Neal O'Farrell, founder of the PsyberResilience Project, a mental health advocacy group.
Contact-tracing apps are continuing to take shape around the world as the COVID-19 pandemic continues. Using privacy-by-design principles is critical to building trust in these apps, says privacy expert Ann Cavoukian.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.