Everyone knows why criminals rob banks. But since most robbers are operating remotely, which tactics are cybercriminals actually employing and how often are they successful? Too often, it seems, thanks to phishing attacks, money laundering, ATM skimmers, malware and more.
The attack earlier this year that compromised systems and data at LastPass is more extensive than the password management software provider previously revealed. LastPass says the attacker downloaded from the cloud backups of multiple users' encrypted password vaults, as well as unencrypted URLs.
Cloud email security: It involves new strategies and tools to defend against a new wave of attacks. Arun Singh of Abnormal Security discusses the latest flavor of email attacks and the new Knowledge Bases created to help enterprises increase their education and defensive capabilities.
During account registration, the authenticator generates a credential and passes the corresponding public key to the website for association with the user account.
But how do we know that it’s really our user that holds the credential and not an imposter? For instance, someone who stole the authenticator device....
The email attack vector. It may not earn much discussion, but the adversaries take full advantage of it with phishing, BEC and now email platform attacks. Mike Britton, CISO of Abnormal Security, talks about the latest threat trends and how to detect and defend against them.
In Q2 2022, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the...
What really makes a “strong” password? And why are you and your end-users continually tortured by them? How do hackers crack your passwords with ease? And what can/should you do to improve your organization’s authentication methods?
Password complexity, length, and rotation requirements are the bane of IT...
Security firm Group-IB has identified 34 hacking groups that are now selling a stealer-as-a-service model to spread infostealer malware and steal credentials from online gaming and payment accounts. The company advises organizations to be on the lookout for Raccoon and Redline infostealers.
Banks are getting better at catching a wide range of scams targeted at customer accounts, but they are still struggling with stopping authorized payment fraud through peer-to-peer payment companies such as Zelle, says David Pollino, former divisional CISO with PNC Bank.
A large-scale cyberespionage campaign by notorious China-based advanced persistent threat actor Mustang Panda is targeting government, academic and other sectors globally. Its main targets include Asia-Pacific organizations in Myanmar, Australia, the Philippines, Japan and Taiwan.
Join us for an informative webinar session as we dive into the hard truth of phishing attacks. Phishing has evolved to be more precise and deceptive than ever before, with the influx of mobile devices, screen sizes and many other sophisticated schemes tricking users into divulging information that can compromise...
Join us for an informative webinar session as we dive into the hard truth of phishing attacks. Phishing has evolved to be more precise and deceptive than ever before, with the influx of mobile devices, screen sizes and many other sophisticated schemes tricking users into divulging information that can compromise...
The United Kingdom and many other countries are considering ways to make banks liable for authorized payment fraud and lift the burden from millions of victims of online scams. Trace Fooshee, strategic adviser at Aite-Novarica Group, shares his views on why this might not be such a great idea.
In the wake of President Biden's 2021 executive order, security leaders across sectors are now seeking phishing-resistant multifactor authentication. But what exactly is it, and how is it best deployed? Yubico's Derek Hanson outlines a mature approach to MFA.
In this video interview with Information Security Media...
Cybercrime syndicate Robin Banks is back with a new cookie-stealing feature that cybercriminals can purchase as an add-on to the phishing kit in order to bypass multi-factor authentication in attacks and to attract more sophisticated, persistent actors set on compromising specific targets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
