The Russian carding and fraud discussion forum Maza has been breached, and hackers have leaked what appear to be legitimate members' details, including email addresses and forum credentials, threat-intelligence firms report. The breach and data leak follows a recent wave of attacks against cybercrime forums.
The SolarWinds supply chain attack should prompt federal agencies and others to rethink how they approach security issues - especially identity and access management, according to a breakdown of the attack presented this week by NIST and CISA.
Qualys has confirmed that its Accellion File Transfer Appliance software was breached by zero-day-wielding attackers after stolen customer data appeared on the Clop ransomware gang's data leaks site. The security firm's public breach notification comes more than two months after the firm first learned it had been...
The security firm Okta shook up the identity and access management market Wednesday by announcing a $6.5 billion deal to acquire the customer IAM technology supplier Auth0. Two other cybersecurity M&A deals were also announced this week.
In financial services, there is a stark difference between defending against authorized versus unauthorized fraud incidents. James Hunt of Bottomline Technologies discusses the schemes and how to respond with a more dynamic prevention strategy.
New authentication models, including dynamic authorization and continuous authentication, that work well for consumers can be adopted for employees as well, says Thomas Malta, head of identity and access management at the Virginia-based Navy Federal Credit Union.
Payment card information and other data for customers of at least 100 Italian banks and one payment processor were compromised using the Ursnif banking Trojan, according to Avast Threat Labs.
A lack of centralized leadership, especially at the White House level, is hindering the federal government's ability to address numerous cybersecurity issues, including the SolarWinds supply chain attack that affected federal agencies and others, according to a new GAO report.
Microsoft issued emergency software patches on Tuesday for four zero-day vulnerabilities in its Exchange email server. The alarming vulnerabilities could allow a remote attacker into Exchange and possibly enable further lateral movement.
In this era of "work from anywhere," identity and access management solutions are challenged more than ever. What are the strategies and solutions recommended by top CEOs and CISOs in the cybersecurity sector? An expert panel weighs in.
The Lazarus Group, a North Korean hacking operation also known as Hidden Cobra, is deploying TFlower ransomware, using its MATA malware framework, security firm Sygnia reports.
Fortinet’s FortiGuard Labs is out with its latest Global Threat Report, this one reflecting on the second half of 2020. No surprise: After the SolarWinds attack, supply chain security takes center stage. But don’t forget about ransomware and the ongoing attacks on new home branch offices.
Older ATMs across Latin America are being struck by a new version of "jackpotting" malware, which can cause the machines to dispense cash. The malware, called Ploutus, can cause ATMs made by Itautec, a Brazilian company, to discharge up to $1,700.
In an eye-opening look at the cost burden of a ransomware attack, Universal Health Services reports that an incident last September had a $67 million economic impact - citing, for example, the need to divert patients to competing facilities for urgent care. But insurance may cover much of the cost.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.