Attacks against U.S. banks using Gozi Prinimalka, the Trojan behind a planned banking blitzkrieg, are quietly continuing, with the most recent infection discovered April 4, McAfee researcher Ryan Sherstobitoff says.
A point-of-sale-software vulnerability is to blame for a malware attack that exposed hundreds of debit and credit accounts in one southeastern city, a card issuer says. The attack highlights increasing POS risks.
Kaspersky Lab has identified a new spear-phishing attack involving a Trojan designed to target Android devices. Researcher Kurt Baumgartner says organizations need to be prepared for more mobile malware attacks.
E-mail authentication foils phishing, but authentication is only effective if every partner in the chain adopts it. John Carlson and Andrew Kennedy of BITS explain how institutions can improve e-mail practices.
A new ruling in the Choice Escrow vs. BancorpSouth case finds that refusing fraud-prevention tools offered by banks can shift liability for fraud losses back on commercial customers. What does this ruling mean for other institutions?
The motive behind the cyber-attack on South Korean banks and broadcasters was atypical, as compared to most digital assaults that involve implanting malware on IT systems, says McAfee's Vincent Weafer.
Solutionary is out with its 2013 Global Threat Intelligence Report. What are the top four threats to organizations, and how can they be mitigated? Security strategist Don Gray offers insights and tips.
Intelligence is helping organizations not only detect and prevent intrusions, says Mark Wood of Dell SecureWorks. It's also helping them identify they've been targeted for an attack in the first place.
Even the brightest technologists aren't immune from cyber-attacks. Just ask Facebook. The social-media company says it fell victim to a sophisticated attack in which an exploit allowed malware to be installed on employees' laptops.
Criminals, hacktivists and hostile governments understand that the quickest way to corporate data is through mobile workers' unsecured endpoints.
Cyber criminals targeted mobile devices at unprecedented rates in 2012, exploiting the weakest link in the corporate network to steal enterprise information. For the first...