New Zealand's privacy commissioner is recommending new civil penalties against companies of up to NZ$1 million (US$718,000) for a "serious" data breach in light of sterner penalties adopted by Australia and the European Union.
In this edition of the ISMG Security Report: An evaluation of the challenges law enforcement faces in using lawful hacking and metadata as an alternative way to collect evidence when cracking an encrypted device is not an option. Also, a look at Trump's revised cybersecurity executive order.
Dozens of banks, governments and telecommunications companies have been struck by fileless malware, which resides in memory and leaves few traces for investigators, according to Kaspersky Lab. The use of open-source tools and utilities makes the attacks difficult to detect.
Just like epidemiologists studying disease outbreaks, cybersecurity professionals can benefit from identifying and mitigating certain behaviors, says Dr. Elizabeth Lawler, an epidemiologist who is CEO of Conjur, a data security firm.
InterContinental Hotels Group is warning customers that malware infected point-of-sale devices at a dozen of its hotel restaurants and bars in North America and the Caribbean for up to four months in 2016. But it's unclear if the breach ties to reported exploits involving POS service providers.
As cyber criminals develop new attack techniques in an evolving technology environment, here are the trends we believe organisations need to be aware of to stay safe in 2017.
The time has come to change the way that security is conducted. The era of "bolt-on" security solutions needs to come to an end, or at least be recalibrated. Built-in security should become the expectation. Customers are not looking to buy "products" such as broadband access or Web filtering. Customers are looking for...
FS-ISAC is collaborating with the Monetary Authority of Singapore to establish the Asia Pacific Regional Intelligence and Analysis Center to encourage regional sharing and analysis of cybersecurity information within the financial services sector. Security experts weigh in on the value of the initiative.
Offspring of the Zeus banking Trojan continue to spring to life. Functionally, however, security experts say most POS-infecting banking malware remains almost identical. So why aren't more organizations putting well-known defenses in place?
Most organizations that enable users to perform online transactions have implemented security measures to address fraud. Currently, one of the most common safeguards used in a wide array of products/services is two-factor authentication (2FA).
In recent years, 2FA has become employed by global tech leaders like...
Behavioral biometrics has been getting a lot of attention recently due to its ability to uniquely address the challenges posed by social engineering, account takeovers and malware. It is already considered the third most popular biometric technology (after finger and face) and tied with iris.
Nonetheless, as an...
As mobile devices eclipse computers and laptops as the preferred method of going online, fraudsters have followed users, porting their modus operandi -account takeover, social engineering, and malware based remote control attacks - to the mobile arena. Thus, hackers have many more opportunities to perpetrate fraud and...
Many IT professionals use remote administration tools to troubleshoot and fix PC problems remotely, just as if they were sitting behind the keyboard themselves. But these tools are also used for different purposes today. Both nation states and hacktivists use modified these tools, creating Remote Access Trojan's...
Today, organizations are focused heavily on core competencies and keys to success. This-coupled with the rapid growth of software as a service (SaaS)-has led to increased outsourcing of certain business functions to vendors who can perform these functions better, faster, or cheaper. Therefore, there are more...
President Trump is reportedly preparing to issue an executive order calling for a review of the nation's cybersecurity capabilities and vulnerabilities. The pending report outlines a series of steps to be taken within 60 days of the signing of the order.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.