Microsoft touts new security features built into the Windows 8.1 Enterprise operating system. But are they enticing enough to win over organizations that are reluctant to upgrade from older OS versions?
As they develop mitigation strategies, organizations must keep in mind that all cyber-attacks, ranging from DDoS to phishing, ultimately aim to compromise data - and they virtually all are advanced and persistent.
A year after LinkedIn confirmed its network had been breached, reportedly exposing 6.5 million hashed passwords, the social media company is offering users the option of adopting two-factor authentication.
Conventional wisdom suggests China isn't interested in disabling industrial control systems in the U.S. After all, such an act would be against its own economic interest. But is that type of thinking right?
Authenticating appropriate network administrators and employees has become increasingly challenging, especially for healthcare organizations and regional banking institutions, says Tim Ager of Celestix.
In notifying customers of a breach, the online archiving service Evernote might have confused some customers by sending them an e-mail that contained a clickable link to be used to reset passwords - despite warning against using such links.
Call center fraud is increasing, and it's not just financial institutions feeling the pain, says Pindrop Security's Matt Anthony. Now, a database of phone numbers aims to help organizations mitigate risks.
Smart phones that give many IT security managers headaches in developing security policies are being used in increasing numbers to help safeguard systems and applications, thanks to more muscular biometric features, says Steve Vinsik of Unisys.
In this newest banking fraud scheme, fraudsters use the customer service chat feature within the online banking platform to schedule fraudulent wires. How can institutions detect and prevent this scam?
The arrest of 10 individuals allegedly tied to a global phishing scheme that exploited Facebook is good news. But experts say banking institutions need to push stronger security and authentication to protect accounts.
Absent a uniform method, the NIST interagency report investigates credential revocation, focusing on identifying missing requirements, and suggests a model for credential reliability and revocation services that addresses those missing requirements.
A new banking Trojan known as Gozi Prinimalka, which researchers say has been targeted to hit at least 30 U.S. institutions, can circumvent many fraud-detection and prevention defenses. So what prevention steps should financial institutions take?