For attackers, "credential stuffing" - using stolen usernames and passwords to log into any site for which a user reused their credentials - is the gift that keeps on giving, says security researcher Troy Hunt. Here's how organizations can mitigate the threat.
Leading the latest edition of the ISMG Security Report: An analysis of how distraction tactics were used during a $10 million SWIFT-related hack at Banco de Chile. Also, a wrapup of Infosecurity Europe.
The geneology service MyHeritage says a security researcher found 92 million email addresses and hashed passwords for its users on a private external server. The company, however, says there's no evidence of abnormal account activity or indications family trees or DNA results were affected.
The Department of Homeland Security has yet again issued a warning about cybersecurity vulnerabilities in medical devices. These warnings have come after independent researchers, or the companies themselves, have reported the problems.
Payments are getting faster, and so is payments fraud. A robust fraud management strategy focusing on strong authentication, customer education and scalable responses can be instrumental in minimizing payment fraud risk.
Privacy regulations, user satisfaction concerns and the need to prevent data breaches are driving more organizations that must authenticate users to find "a better way of ensuring that people are who they are when they are accessing critical information," says Tony Smales, CEO of Forticode.
Ovum Research and Entrust Datacard experts discuss the transformation of identity and where it is headed.
Watch this video to learn more about:
Real-world examples of how organizations are embracing mobile and cloud platforms.
The pressure to meet compliance, and maintain and grow your customer base is intensified as the creativity of fintech offerings and customer expectations continue to rise. To effectively differentiate your offerings, your ability to deliver innovative, omni-channel services will be critical.
Despite the buzz about digital transformation, most enterprises remain overwhelmed by having to support and secure legacy technologies, says Mark Loveless of Duo Security. How can they simultaneously protect their legacy systems while securing their future?
New PCI requirements that go into effect June 30 are pushing payment card acquirers, processors, gateways and service providers worldwide to implement more secure encryption protocols for transactions. But are they ready?
Can technology solve the problem of giving law enforcement access to all encrypted communications without additional risks to the public? Software legend Ray Ozzie says he has an idea. But it's unlikely to quell the debate over hard-to-break encryption.
The U.S. and U.K. warned Monday that Russian hackers have compromised critical internet infrastructure with the aim of spying, extracting intellectual property and gaining footholds for future cyberattacks.
In this in-depth interview, Daniel Cohen of RSA discusses how open banking, also known as banking as a service, will affect the fight against fraud and offers insights on the security steps banks should be taking.