While the cybercrime story for 2022 has yet to be fully written, cryptocurrency theft will no doubt have a starring role. Buoyed by the collective pilfering of billions of dollars' worth of cryptocurrency this year, what's to stop attackers from doubling down in 2023?
Security firm Group-IB has identified 34 hacking groups that are now selling a stealer-as-a-service model to spread infostealer malware and steal credentials from online gaming and payment accounts. The company advises organizations to be on the lookout for Raccoon and Redline infostealers.
Banks are getting better at catching a wide range of scams targeted at customer accounts, but they are still struggling with stopping authorized payment fraud through peer-to-peer payment companies such as Zelle, says David Pollino, former divisional CISO with PNC Bank.
A large-scale cyberespionage campaign by notorious China-based advanced persistent threat actor Mustang Panda is targeting government, academic and other sectors globally. Its main targets include Asia-Pacific organizations in Myanmar, Australia, the Philippines, Japan and Taiwan.
The United Kingdom and many other countries are considering ways to make banks liable for authorized payment fraud and lift the burden from millions of victims of online scams. Trace Fooshee, strategic adviser at Aite-Novarica Group, shares his views on why this might not be such a great idea.
All employees should consider upholding the security of the organization part of their job regardless of their official role at the company, says Equifax Business Information Security Officer Michael Owens. But creating an organization-wide cybersecurity culture is easier said than done.
With fraudsters evolving their tactics and tricking a growing number of people with authorized payment scams, it's time for banks and security solution providers to explore new ways to protect consumers who are left holding the bag, says Ian Mitchell, managing partner at Omega FinCrime.
Since Zelle fraud has increased 109% in the United States, the banking industry is struggling to reduce authorized push payment scams. Ken Palla, former director at Union Bank, shares tips for combating fraudsters, including delays on large transactions, education and behavioral analytics.
The January memorandum from President Biden’s Office of Management and Budget calls for adopting multifactor authentication that includes the verification of device-based security controls, continuous monitoring, and authentication and mandates a switch to phishing-resistant MFA by January 2023.
Jamf plans to buy startup ZecOps to extend its ability to detect and respond to sophisticated threats across Mac, iOS and Android devices. Jamf's proposed acquisition will provide threat hunting tools to determine if any advanced attacks have compromised mobile devices.
Vista Equity Partners has joined Thoma Bravo in the take-private cybersecurity spree, offering to buy security awareness training behemoth KnowBe4 at a $4.22 billion valuation. KnowBe4 says it has received a nonbinding offer from Vista of $24 per share for the shares not currently owned by Vista.
The latest ISMG Security Report discusses a new phishing-as-a-service toolkit designed to bypass multifactor authentication, the decision by Lloyd's of London to exclude nation-state attacks from cyber insurance policies, and challenges at Okta after it acquired customer identity giant Auth0.
Ransomware karma: The notorious LockBit 3.0 ransomware gang's site has been disrupted via a days-long distributed-denial-of-service attack, with administrator LockBitSupp reporting that it appears to be retribution for the gang leaking files stolen from a recent victim: security firm Entrust.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.