Changes in the privacy policies of social media companies have rendered many free open source intelligence tools unworkable, says Mason Wilder, senior research specialist at the Association of Certified Fraud Examiners. He describes the evolution of these tools and offers tips on how to apply them.
Mobile banking startup Dave is just the latest victim of criminal data brokers. Extensive evidence now points to Dave having been hit by a ShinyHunters, which has been tied to the sale of millions of stolen records to fraudsters - either via a phishing attack or hack of a third-party service provider.
Mobile-only banking app Dave has suffered a data breach that exposed personal details for at least 3 million users. But the fintech startup says no account information was exposed, and there are no signs of fraud. Dave says the incident traces to credentials stolen from Waydev, a third-party service provider.
Money launderers are devising new tactics during the COVID-19 pandemic. For example, some are coming up with ways to use personal protective equipment, or PPE, as a form of currency, says Debra Geister, CEO of Section 2 Financial Intelligence Solutions.
The latest edition of the ISMG Security Report analyzes the hacking of high-profile Twitter accounts. Also featured: Addressing security when offices reopen; the role of personal protective equipment, or PPE, in money laundering during the pandemic.
Any nationally chartered bank can now serve as a custodian of the cryptographic keys for a cryptocurrency wallet, according to a letter from the Office of the Comptroller of the Currency. James Wester of IDC analyzes the implications.
The FBI is warning of an increase in distributed denial-of-service attacks using amplification techniques that are targeting U.S. organizations. The bureau notes that it's seen an uptick in attack attempts since February.
Companies can use data analytics and artificial intelligence to help mitigate the risk of collusion between their employees and vendors, says Amine Antari, managing director at the consultancy Kroll.
Following Twitter's admission that cryptocurrency scammers socially engineered its employees to gain control of 45 high-profile accounts, one reaction has been: Why didn't anyone crack Twitter sooner? Unfortunately, the answer is that they have, especially if you count nation-states bribing insiders.
A group of spoofed cryptocurrency trading apps is targeting devices running macOS to install malware called Gmera, security firm ESET reports. The malware can steal users' data as well as their cryptocurrency wallets.
The U.S. should restore the position of cybersecurity coordinator at the White House because the number of threats against the nation is increasing, several security experts testified this week at a House hearing. But some Republicans question whether the move would create unnecessary bureaucracy.
An identity and access management strategy for a hybrid cloud environment should include single sign-on as well as multifactor authentication, says Andrew Koh, deputy general manager and regional lead-Risk at Habib Bank Ltd. in Singapore.
COVID-19 contract-tracing applications that help monitor individuals' possible exposure to those who have tested positive for the virus present a variety of privacy issues that must be addressed, says regulatory attorney Nancy Perkins.
Malware designed to provide backdoor access to corporate networks, gain administrative privileges and deliver additional payloads was hidden in tax software the Chinese government requires companies doing business in the nation to use, researchers at the security firm Trustwave report.
Creating a cyber intelligence strategy involves operational and tactical measures as well as technical approaches, says Jeff Bardin, chief intelligence officer at Treadstone 71.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.