Latest

Fraud

As Payments Speed Up, How Can Fraud Be Minimized?

Nick Holland  •  May 17, 2018

Knowing as many details as possible about the customer, the payment and the recipient is a critical component of stopping fraud as payments become faster, says anti-fraud specialist David Barnhardt.

Fraud

Sizing Up the Impact of Synthetic Identity Fraud

Nick Holland  •  May 14, 2018

Credit card losses due to synthetic identity fraud exceeded $800 million in the U.S. last year, says Julie Conroy of Aite Group, who analyzes the evolving threat and offers mitigation insights.

Breach Notification

Chili's Speed Question: To Notify or Not to Notify Quickly?

Mathew J. Schwartz  •  May 14, 2018

Chili's Grill & Bar is warning customers that an unknown number of payment cards were compromised at an unknown number of corporate-owned locations earlier this year for a period of time it suspects lasted two months. Should Chili's have waited to alert customers until it had more information?

Encryption

Crypto Fight: US Lawmakers Seek Freedom From Backdoors

Jeremy Kirk  •  May 11, 2018

A bipartisan group of U.S. lawmakers has reintroduced legislation in the House that would stop the government from forcing software vendors to intentionally weaken their products for surveillance purposes. Two prior attempts to enact the legislation in Congress have failed.

Cybercrime

Real-Time Payment Networks Face Off Against Fraudsters

Mathew J. Schwartz  •  May 11, 2018

With the rise of P2P payment networks and the U.S. working toward a real-time national payments network, the push is on to battle fraudsters. Also, attackers are hacking legitimate websites to more stealthily distribute "Gandcrab" crypto-locking ransomware.

Fraud Management, Cybercrime

Crabby Ransomware Nests in Compromised Websites

Jeremy Kirk  •  May 10, 2018

The Gandcrab ransomware has been a moving target. Since it was discovered in January, it quickly became one of the most widely distributed file-encrypting malware programs. Researchers with Cisco say they've now found it seeded within legitimate websites, making its spread tougher to stop.

►

Fraud

Finding Fraud Using Machine Data

Tom Field  •  May 10, 2018

When it comes to fraud, enterprise data has a story to tell, and it's up to security and fraud leaders to know how to interpret that story. Jim Apger of Splunk discusses reading and reacting to these stories.

Cybersecurity

White House Might Eliminate Cyber Coordinator Role

Mathew J. Schwartz  •  May 10, 2018

Adequately tracking the nonstop arrival and departure of officials in the Trump White House might require real-time, multidimensional flowcharts. But one thing is clear: The White House is facing a looming cybersecurity knowledge and expertise deficit, and that deficit may soon get worse.

Endpoint Security

Zero-Day Attack Exploits Windows via Malicious Word Doc

Mathew J. Schwartz  •  May 9, 2018

Security alert: Microsoft has issued updates to fix 67 unique flaws in its products. One vulnerability in Windows VBScript engine is already being actively exploited in the wild via malicious Word documents and could also be employed for attacks via websites and malvertising, Microsoft warns.

►

Fraud

Shifts in the Retail Fraud Landscape

Nick Holland  •  May 9, 2018

The rollout of EMV in the U.S. has transformed the card fraud landscape, with a major shift to online channels, says Shamoun Siddiqui, CISO at retailer Neiman Marcus.

►

Governance

Tailoring an Incident Response Plan

Nick Holland  •  May 9, 2018

Incident response plans must be carefully designed to meet the needs of a specific organization, says attorney Ron Raether, who outlines important legal considerations.

Data Loss

Spectre: The Next Generation

Mathew J. Schwartz  •  May 9, 2018

Spectre and Meltdown: It's déjà vu all over again as Intel is reportedly prepping a coordinated vulnerability disclosure announcement for eight new speculative execution flaws. One of the new flaws is apparently worse than any of the three Spectre/Meltdown variants that came to light in January.