Insurance market giant Lloyd's of London says that starting next year, its cyber insurance policies will no longer cover state-sponsored cyberattacks. But with attribution being inherently tricky, expect this move to be tested in court, says Jonathan Armstrong, a partner at Cordery law firm.
In the latest weekly update, four Information Security Media Group editors discuss key cybersecurity issues, including the high cost of BEC scams, a Cuba ransomware gang's attack on Montenegro, and why so many hacktivists couldn't overcome the technical ennui of the Russia-Ukraine cyberwar.
As the economy places a greater emphasis on operational continuity, speed, and agility, API security is crucial for digital firms. In 2022, API security violations will be the most common attack method for data breaches in enterprise web apps, predicts Gartner.
The concern of unjustified exposure of the valuable...
Digital identities a – particularly the TLS certificates throughout your organization – are used by
machines to authenticate machine-to-machine communications. But they also protect machines
through consistent, trusted encryption.
When these machine identities fail, organizations experience outages. Even...
Expel is out with its latest quarterly threat report, which reveals that Identity-based attacks now account for 56% of incidents identified by Expel's SOC. Jon Hencinski shares highlights from the report and how to respond to BEC, ransomware and attackers who have found ways to defeat MFA.
The Identity Theft Resource Center's new report shows a 1,044% increase in social media account hijacking. Banking fraud is also rising, with scammers focusing on using stolen personal data to open new banking and credit card accounts in victims' names, says COO James Lee.
Four ISMG editors discuss how security leaders determine the right level of security for the business, the growing risk of business ID theft to enterprises, and the arrest of a developer suspected of working for cryptocurrency mixing service Tornado Cash, for "facilitating money laundering."
Attackers are attempting to reset the passwords of some DigitalOcean customers, the cloud infrastructure provider says. The email addresses of these customers were likely exposed in a data breach involving Mailchimp, which provided transactional email services for DigitalOcean.
Signal says 1,900 of its customers have been affected by the recent phishing attack on its third-party vendor Twilio. Signal says phone numbers and SMS verification codes of 1,900 customers are compromised, potentially transferring access of these accounts to the attackers.
Fraudsters have one key aim: to make the most money with the least effort.
The types of fraud consistently evolve to pick off the easiest targets. As digital identity and transaction monitoring solutions have become more advanced, fraudsters have faced an increasingly robust barrier to brute force account takeover...
The adoption of digital platforms shows no signs of slowing down as consumers embrace the convenience of mobile channels in Asia-Pacific region. What has also become clearly apparent from analysis of the LexisNexis® Digital Identity Network®, is that fraud is on the rise as consumer confidence returns.
In...
By all accounts, Buy Now, Pay Later stands to be one of the
biggest disruptors the credit landscape has seen
in years. With the market expected to surpass $179
billion by the end of 2022, the opportunities for
growth are enormous. This also means fraudsters are taking note as the industry is trending in the...
Sandy Carielli, principal analyst at Forrester, shares research on the latest bot management trends. Forrester found that while bots affect security, e-commerce, marketing, fraud and other teams, security professionals are still the most common bot management users.
The accelerated shift to digital banking has led to a surge in online fraud of all types. Recent studies have shown that 33% of U.S banks’ fraud costs in 2021 came from online banking – a 26% increase from 2020. The increased complexity, volume, and speed of today’s online transactions mean that organizations...
Canada's Desjardins Group has reached an out-of-court settlement to resolve a data breach class action lawsuit. The breach, which the credit union group first disclosed in 2019, traced to a "malicious" insider who for 26 months had been selling personal details for 4.2 million active customers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.