When it comes to finance, mobile banking or payments apps, maintaining customer trust is crucial to protecting brand equity and revenue. Cloud technology has eliminated the traditional network perimeter, leaving unsecured mobile endpoints vulnerable to attack. According to recent analyst research, mobile finance apps...
Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products. SonicWall is urging customers to apply temporary fixes to secure VPNs and gateways.
Cloud security trends like “shift-left security” and “DevSecOps” refer to new strategies and paradigms that help organizations keep workloads secure in the age of cloud-based, scale-out, constantly changing applications and infrastructure.
Many in IT, security, and development probably understand what these...
Financial institutions (FIs), payment firms, and e-commerce merchants are being targeting by organized crime rings with rapidly increasing sophistication.
To protect your business, download this report from F5 and Aite Group and learn:
Why credential pairs are particularly valuable to organized crime rings as they...
As financial institutions modernize their architectures to support digital services, they need to ensure a robust methodology for application management and security in order to keep up with ever-changing security threats and app performance requirements.
Download this report and learn how to:
Ensure the...
Attackers can gather a dossier on their targets using the same technologies that organizations leverage to protect their applications. The attackers gain insight into weaknesses in ways similar to those used by security and fraud teams as they seek information about attackers.
With an even playing field, how can...
Organized crime rings are methodically and systematically leveraging the vast amount of breached data to perpetrate financial crimes. Firms can employ security best practices to change the economics of fraud and encourage fraudsters to move on to more profitable targets.
Download this white paper and learn:
How...
As the cost and investment of launching automated attacks continues to plummet, companies are increasingly experiencing credential stuffing attacks that can lead to account takeover and fraud.
Download this eBook and learn:
How much it costs criminals to attack your business;
The equation attackers use to size up...
In a business environment where customer behavior is changing, digital transformation is accelerating, the threat of fraud is proliferating and challengers are gaining ground, organizations must change their approach to succeed.
A fundamental priority is to find capabilities that offer the opportunity to both...
Investigators probing the supply chain attack that hit SolarWinds say attackers successfully hacked the company's Microsoft Visual Studio development tools to add a backdoor into Orion network monitoring security software builds. They warn that other vendors may have been similarly subverted.
You can’t secure what you can’t see. In fact, gaining visibility and control over all your devices is one of the most important, yet challenging tasks for IT and security teams. The number of connected devices has exploded. At the same time, there are more diverse devices – IoT, IoMT and OT—that are sometimes...
Security researchers are warning that attackers appear to have stepped up scanning for vulnerable Zyxel products, including VPN gateways, access point controllers and firewalls. A recently disclosed vulnerability in the company's firmware can create a hard-coded backdoor.
This edition of the ISMG Security Report features an analysis of the very latest information about the SolarWinds hack. Also featured are discussions of "zero trust" for the hybrid cloud environment and data privacy regulatory trends.
Reacting to reports claiming hackers may have used JetBrains' TeamCity tool as an initial infection vector during the attack against SolarWinds, JetBrains CEO Maxim Shafirov says the company has not been contacted by investigators. But he says customer misconfiguration of TeamCity could have enabled a hack.
A recently uncovered remote access Trojan, dubbed ElectroRAT, has been stealing cryptocurrency from digital wallets over the past year, according to researchers at Intezer Labs. The malware, written in Golang, can target Windows, Linux and macOS platforms.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.