The revelation that 533 million previously stolen Facebook account records have been made public on a darknet forum should inspire organizations to take aggressive action to further protect customer data security, some security experts say.
Synthetic identity fraud is a pervasive yet ill-defined crime – hard to define as well as to detect. Greg Woolf of FiVerity discusses a recent initiative by the Federal Reserve in Boston to better define and therefore better manage SIF.
Four editors at Information Security Media Group discuss important cybersecurity issues, including dealing with attacks targeting the aging Accellion File Transfer appliance and taking steps to enhance employee authentication.
The zero-day attacks against Accellion's File Transfer Appliance show that a number of big-name firms continued to use the legacy technology - even though more secure, cloud-based options were available. Evidently, many CISOs didn't see a compelling reason to move on. Of course, now they do.
Identity crimes are up, but data breaches are down. What does this mean for risk mitigation strategies? Jim Van Dyke and Al Pascual of Sontiq offer an analysis.
Many organizations have updated the authentication process for customers to help ensure frictionless transactions. Now, some are starting to take similar steps to streamline and enhance authentication of their employees - especially those working remotely.
The SolarWinds supply chain attackers manipulated OAuth app certificates to maintain persistence and access privileged resources, including email, according to researchers at Proofpoint.
The SolarWinds supply chain attack should push federal government agencies to adopt the "zero trust" model and deploy better endpoint detection and response tools, according to the new federal CISO and the acting director of the U.S. Cybersecurity and Infrastructure Security Agency.
Organizations should go beyond one-time passwords to include other layers of authentication as they strive to mitigate the risk of synthetic ID fraud, says Amy Walraven, president of Turnkey Risk Solutions, a Newark, Delaware-based risk management company.
“Passwordless” has become the holy grail for user authentication. But there are different interpretations of what passwordless is – and is not. Tom “TJ” Jermoluk, CEO of Beyond Identity, addresses some of the myths,the realities and how passwordless is deployed today.
Tales of poorly secured internet-connected cameras come along regularly. But the latest installment seems especially egregious because it involves Verkada, a widely used "surveillance camera as a service" startup, and led to remote hackers being able to spy on customers via their own cameras.
Jeremy Grant, coordinator of the Better Identity Coalition, offers a progress report on the 3-year-old organization's efforts to help prevent breaches with better identity management.
Speech recognition has become a powerful tool for authenticating customers in a seamless manner, says Sekar Jaganathan, director of digital strategy at Malaysia’s Kenanga Investment Bank.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.