CISOs need to fully integrate SD-WAN features with legacy infrastructure to help ensure the security of remote access, says Alain Sanchez, a CISO at Fortinet.
A hack-for-hire campaign targeting an "international architectural and video production company" serving high-end real estate ventures likely involved corporate espionage driven by a developer eager for insider data, according to an analysis from security firm Bitdefender.
Ransomware gangs are increasingly not just claiming that they'll leak data if victims don't pay, but following through. On average, about a quarter of all successful ransomware attacks feature a gang claiming to have first stolen data. But in recent months, the number of gangs actually doing so has surged.
Erika Dietrich of the payments system company ACI Worldwide analyzes statistics on how card-not-present transactions, fraud and chargebacks have changed this year, compared to last year.
An advertising software development kit called Mintegral that's embedded in 1,200 iOS apps misattributes ad clicks and logs potentially sensitive app data, security firm Snyk alleges. But Apple says there's no evidence the SDK is harming users.
A hacking-for-hire group dubbed "DeathStalker" is expanding its cyber espionage operations around the world, targeting smaller law firms and financial institutions, according to Kaspersky.
Jeff Schilling, global CISO at Teleperformance, a Paris-based company offering digitally integrated business services worldwide, describes four principles for mitigating security risks for the remote workforce during the COVID-19 pandemic.
China's TikTok has filed a federal lawsuit against the Trump administration seeking to overturn the president's executive order that would ban the social media app from the U.S.
The COVID-19 pandemic has led to changes in the way payments are made. David Lott of the Federal Reserve Bank of Atlanta discusses how fraudsters are adapting to the changing landscape.
Ransomware-wielding gangs continue to rack up new victims and post record proceeds. That's driving new players of all sizes and experience to try their hand at the crypto-locking malware and data-exfiltration racket.
Freepik Co. says an SQL injection attack led to the leak of 8.3 million email addresses and 3.7 million hashed passwords for users of its Freepik graphic resources app and Flaticon icon database platform.
Card-not-present fraud is rising as fraudsters inject malware into e-commerce websites to harvest account information, says Gord Jamieson of Visa. But the artificial intelligence models used to detect this fraud need to be refined to better mitigate this threat, he says.
FINRA, a private organization that helps self-regulate brokerage firms and exchange markets, is warning that fraudsters have recently started creating spoofed websites and domains using members' real names and images in an attempt to steal personal information and credentials.
The U.S. Department of Justice has charged former Uber CSO Joseph Sullivan with obstruction of justice for allegedly covering up the 2016 hack of the ride-sharing service, which compromised sensitive data for 57 million Uber passengers and drivers.
Diebold Nixdorf and NCR have issued patches for ATM software vulnerabilities that could enable a hacker with physical access to the devices to commit deposit forgery, according to the Carnegie Mellon University CERT Coordination Center.