This white paper outlines the limitations of traditional defense mechanisms; specifically, how cybercriminals have refined the malware manufacturing and development process to systematically bypass them - thereby initiating an arms race with defenders. Security patches are found to be a primary and effective means to...
Unfortunately, user accounts with reduced privileges do not provide protection from attack, misuse or compromise. Reduced privileges for end-users can only be regarded as one part of an effective security strategy that should not be solely relied on. Organizations should know the limitations of this approach to...
Investigators have linked a retail-credit scheme to a pair of fraudsters who are believed to have stolen $9 million from 8,000 victims. How could such a scheme go undetected for 15 years?
Nearly four years ago, Capital One Bank set out to integrate its fraud detection and anti-money laundering platforms. Today, the institution has some impressive results and savings to share.
The new FFIEC Guidance is clear. And the deadline to have a plan in place is quickly approaching. Financial institutions need to perform periodic risk assessments of customer authentication controls based on threats and subsequently increase levels of controls based on threats. As part of this risk assessment,...
A Pasco County, Fla., man has been charged for his involvement in a summer skimming spree that targeted Bank of America ATMs. Why do authorities believe he likely has connections to an international crime ring?
Giving employees the chance to use their own mobile devices on their employers' network isn't necessarily a given. That's what Delaware Chief Security Officer Elayne Starkey found when the state implemented a new program to allow the secure use of personal devices on state networks.
When Mano Paul of (ISC)2 discusses today's top application security challenges, he draws an analogy with sharks. And what he views as the skills needed to tackle today's top threats might surprise you.
The Durbin Amendment to the Dodd-Frank Act brought enormous change to the payments industry. But within this change comes a whole new value proposition for the PIN debit network - and for institutions' efforts to fight fraud.
Winn Schwartau says the BlackBerry disruption this past week (see BlackBerry Disruptions: Where to Start?) hit at the heart of one of the fundamentals of IT security: availability.
The disruption of text messaging and Web browsing for BlackBerry customers opens up issues of company transparency and business continuity. How should the company have responded?
Skimming incidents at bank branch ATMs and vestibules are adding up to huge losses. One bank says it could easily lose $50,000 over one weekend at a single ATM. So, what can institutions do to deter and detect skimmers?
"I think the New York Stock Exchange was probably prepared for this sort of thing anyway," says security researcher Wendy Nather. "One threat, more or less, is not going to make a difference in the security measures they have in place."
As the Bank of America website outage proved, "Assuming it's an attack or breach is now the default response," says ID theft expert Neal O'Farrell. So, how can organizations change that perception?
The Department of Homeland Security is undertaking nine private and three public cloud computing initiatives, establishing private cloud services to manage sensitive but unclassified information while using the public cloud for non-sensitive data.