Financial institutions feel the pain of recent retail breaches, and they seek new ways to secure payments and fight fraud. But how can security leaders influence changes within their own organizations?
A low-tech campaign combines phishing, small-footprint attack code and Android malware to topple banks' security defenses in Switzerland and three other nations. Will the campaign extend to U.S., U.K., and beyond?
Key figures trusted with safeguarding the British financial services sector recently gathered in a subterranean London conference room to find better ways to secure banks against cyber-attackers. One key step? Managing supply chain risks.
Infrastructure security used to be more manageable. But it's far more complex in today's cloud environment. Carson Sweet of CloudPassage shares insight and strategies to improve cloud infrastructure security.
As a customer, Delaware Chief Security Officer Elayne Starkey has seen the evolution of cloud computing over the past three years to a point where she has more sway over the security terms of cloud services contracts.
Sources say a yet-to-be-confirmed breach of payment card data linked to transactions at Goodwill Industries could be linked to a point-of-sale vulnerability that may have affected other numerous merchants.
Big data has been the recent buzz in security circles, but what are organizations missing by overlooking the power of "small data?" Verizon's Jay Jacobs discusses how to get the most from data analytics.
Attackers increasingly focus on software vulnerabilities in what application security expert Anthony Lim calls "the invisible onslaught." How can the CISO exert more control over software development?
The 9/11 Commission, in its 10th anniversary report, cautions Americans and the U.S. government to treat cyberthreats more seriously than they did terrorist threats in the days and weeks before Sept. 11, 2001.
An online gang with ties to Romania and Russia has been bypassing two-factor, Android-based authentication systems - used by 34 different banks to authenticate customers - via the sophisticated Operation Emmental cybercrime campaign.
A challenge examiners face in conducting forensic investigations in the cloud is that they don't have access to the servers. That's just one problem the National Institute of Standards and Technology is addressing.
Despite official suggestions to the contrary, the Cryptolocker ransomware isn't dead yet, even as new types of ransomware continue to flood onto black market cybercrime forums, one researcher claims.
Security experts say the new alliance between IBM and Apple could lead to broader use of iPhones and iPads at banking institutions if the partnering companies demonstrate adequate security and scalability.
To detect and deter today's threats, security teams need new and dynamic data analytics capabilities. Haiyan Song of Splunk discusses the analytics-enabled SOC and how to improve incident response.
Two zero-day vulnerabilities reportedly were exploited by the attackers who hacked NASDAQ's systems in 2010. While a senior U.S. legislator claims the hackers had "nation-state" backing, security experts say it's still not clear who hacked NASDAQ or why.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
