Hackers have changed their tactics and are exploiting flaws in popular software applications – including security programs — to break into the computers of consumers, government agencies, and businesses. What’s new about this, you might ask? The key word is “applications.” ...
Omar A. Herrera Reyna – CISA, CISSP(omar.herrera@oissg.org)November 2005 (If you missed Security solutions for e-banking and e-commerce with credit/debit cards,- Part 1: Analyzing the Security Issues click here)While there are some good solutions available from a security perspective, I believe that we...
High-tech criminal gangs with access to sophisticated keylogging viruses pose a growing threat to banks and financial institutions.Recently, England’s High Tech Crime Unit foiled an effort to steal over $100 million from a Japanese bank in London. The gang gained access to Sumitomo Corp.’s computer...
October 27Â - GAO recognizes the importance of strong financial systems and internal controls to ensure our accountability, integrity, and reliability. To achieve a high level of quality, management maintains a quality control program and seeks advice and evaluation from both internal and external sources. GAO is...
Federal Deposit Insurance Corporation Division of Supervision and Consumer Protection Technology Supervision Branch June 17, 2005 This publication supplements the FDIC’s study Putting an End to Account-Hijacking Identity Theft published on December 14, 2004. Executive Summary and Findings Focus of Supplement...
We all know the threats posed by spyware to enterprise networks: user ID and password theft, financial loss, productivity drain, intellectual property theft. Security practitioners have two defenses at their disposal: the human and the technical. While the technology for combating spyware is improving, antivirus...
To help verify a user's identity in the case of a lost password, many Web applications use secret questions. By answering a pre-selected question, a user can demonstrate some personal knowledge of the account owner. A classic example is asking to provide a mother's maiden name.
Answering secret questions requires...
Omar A. Herrera Reyna – CISA, CISSP(omar.herrera@oissg.org)November 2005 IntroductionWith all sort of attacks against e-banking and e-commerce systems targeting primarily customers, securing transactions has become increasingly difficult for banks and online stores.There is a widespread use of credit and...
A. RISK DISCUSSIONIntroductionA significant number of financial institutions1 regulated by the financial institution regulatory agencies (Agencies)2 maintain sites on the World Wide Web. Many of these websites contain weblinks to other sites not under direct control of the financial institution. The use of weblinks...
National Security InstitutePopular E-Greeting Card Carries TrojanAn e-mail message that claims to hold a link to a greeting card is responsible for a recent series of “Trojan horse†cyber-attacks. The e-mail directs recipients to click on a link in order to pick up an e-card from a “secret...
The four federal banking agencies--the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of Thrift Supervision--today published an interagency advance notice of proposed rulemaking (ANPR) regarding potential...
New data shows that on average, businesses are spending an eye-popping amount of money every month in IT resources to fight the spyware plague.FaceTime Communications, an IT security provider, surveyed more than 1,000 IT managers and end users. The key finding: spyware and other unsanctioned downloads are...
Internet-related crime, fraud, and damage is going through the roof. Here we take a look at what Consumer Reports has named the four major online threats you need to defend against.VIRUSES AND WORMSOldies but goodies (baddies?), these have plagued computer users for nearly two decades. They typically infect computers...
George CapehartIn a previous column we talked about some of the characteristics of Web services systems that have implications for Information Security and identified some of the kinds of security problems that arise in systems that are implemented in this paradigm. One of the sets of problems that was mentioned...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
