Banking regulators are looking for ways to tackle authorized payment scams, such as spreading the risk to other banks. In a new report on how eight countries are handling this fraud, researcher Ken Palla advises banks to focus on reimbursing victims and preventing the theft.
In today’s connected world, securing web applications and APIs from a wide range of threats — from web app business logic attacks and API abuse to bots — is critical for business success. However, securing digital properties amid cloud journeys, modern DevOps practices, and constantly changing applications and...
In today's dynamic threat environment, security teams must adopt a risk-based approach, prioritizing the most important areas of their organization. They also should not be afraid to seek outside help. Murtaza Hafizji of Bugcrowd discusses the merits of crowdsourced security.
It's been over one year since the release of President Biden's cybersecurity executive order, and federal agencies are making measurable progress in adopting zero trust architecture. Dennis Reilly of Gigamon discusses specific progress around visibility and observability in the network pillar.
As the application development landscape evolves with faster feature release cycles and the adoption of new and modern languages and cloud platforms, software teams are struggling to secure their rapidly growing web attack surface.
There are many vendors claiming to provide effective and scalable offerings to...
Edge Computing is the next iteration of cloud computing — and it’s growing quickly, driven by the exponential growth of data and the increasingly savvy demands of customers.
Cloud computing concentrates resources in a small number of large data centers in remote locations. Overall, it’s good for general...
In the latest "Proof of Concept," experts join ISMG editors to discuss concerns over Twitter's security leading up to the U.S. midterm elections, the move by the U.S. Department of Justice to file its most sensitive court documents on paper, and the recent sanctions against Tornado Cash.
Why is business identity theft increasing, and what are the latest tactics fraudsters are using to scam businesses and gig workers? Eva Velasquez, CEO at the Identity Theft Resource Center, shares her views on how business identity theft has evolved over the years and how to prevent it.
Insurance market giant Lloyd's of London says that starting next year, its cyber insurance policies will no longer cover state-sponsored cyberattacks. But with attribution being inherently tricky, expect this move to be tested in court, says Jonathan Armstrong, a partner at Cordery law firm.
In the latest weekly update, four Information Security Media Group editors discuss key cybersecurity issues, including the high cost of BEC scams, a Cuba ransomware gang's attack on Montenegro, and why so many hacktivists couldn't overcome the technical ennui of the Russia-Ukraine cyberwar.
The latest edition of the ISMG Security Report explores the possible unintended consequences of banning ransom payments, the challenges of opening a cyber intel firm during wartime, and the need for more clarity in the regulation of cryptocurrency firms.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including implications of the Russia-Ukraine cyberwar, the former CISA director’s somber message to the industry at Black Hat, and how the cryptocurrency landscape is changing.
The Identity Theft Resource Center's new report shows a 1,044% increase in social media account hijacking. Banking fraud is also rising, with scammers focusing on using stolen personal data to open new banking and credit card accounts in victims' names, says COO James Lee.
Four ISMG editors discuss how security leaders determine the right level of security for the business, the growing risk of business ID theft to enterprises, and the arrest of a developer suspected of working for cryptocurrency mixing service Tornado Cash, for "facilitating money laundering."
Cloud collaboration suites like Microsoft 365 are critical to business success, but have become significant entry points for potential exploitation. Just as your team relies on email and collaboration tools to accomplish their goals, so too do sophisticated threat actors. And while the built-in security of Microsoft...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.