What really makes a “strong” password? And why are you and your end-users continually tortured by them? How do hackers crack your passwords with ease? And what can/should you do to improve your organization’s authentication methods?
Password complexity, length, and rotation requirements are the bane of IT...
Application fraud has spiked - particularly bogus new accounts - and organizations are scrambling to improve fraud detection mechanisms without negatively affecting the legitimate customer's experience. Robin Love of Early Warning shares insights on how to better predict new account risk.
Banks are getting better at catching a wide range of scams targeted at customer accounts, but they are still struggling with stopping authorized payment fraud through peer-to-peer payment companies such as Zelle, says David Pollino, former divisional CISO with PNC Bank.
The arrest of a Ukrainian national long wanted on cybercrime charges in the U.S. shows that with much patience, law enforcement can nab suspects. A key member of the JabberZeus gang, which stole tens of millions of dollars, was arrested in Geneva.
Security training typically fails because it doesn’t take these realities into account. In other words, it
doesn’t reflect how people work and learn today.
It’s delivered too infrequently (what did IT say I should do when I get a suspicious email?).
It’s long, dull, dry, and boring (I’ll pay...
With fraudsters evolving their tactics and tricking a growing number of people with authorized payment scams, it's time for banks and security solution providers to explore new ways to protect consumers who are left holding the bag, says Ian Mitchell, managing partner at Omega FinCrime.
Compromised accounts may be the most dangerous email threat that organizations face. Once an account has been compromised, it can be used to execute additional attacks—providing threat actors a variety of opportunities to steal funds and sensitive information.
And because the messages are being sent from the...
Fraudsters are using tried-and-true tactics such as check washing as well as Zelle scams and a host of insider threats to scam banks and their customers. Frank McKenna, chief fraud strategist at Point Predictive and author, explains why fraud is on the rise and the steps banks can take to stop it.
The ongoing global logistics disruptions stemming from the COVID-19 pandemic continue to impact businesses and consumers as the flow of consumer goods.
Supply chain issues were a key challenge for many retailers throughout 2021 and these challenges are expected to persist in 2022. Now there is another challenge...
Uber is probing a hack attack after an intruder appeared to breach multiple internal systems, using the company's Slack messaging app to announce: "I am a hacker and Uber has suffered a data breach." The ride-hailing service has taken multiple systems offline while it investigates.
Credential phishing attacks represent a huge threat to organizations as a well-crafted (or even somewhat realistic-looking) phishing email can trick an employee into providing login credentials.
In our threat report covering data from January-June 2022, Abnormal Security found a 48% increase in email attacks over...
The latest ISMG Security Report discusses a new phishing-as-a-service toolkit designed to bypass multifactor authentication, the decision by Lloyd's of London to exclude nation-state attacks from cyber insurance policies, and challenges at Okta after it acquired customer identity giant Auth0.
Digital identities a – particularly the TLS certificates throughout your organization – are used by
machines to authenticate machine-to-machine communications. But they also protect machines
through consistent, trusted encryption.
When these machine identities fail, organizations experience outages. Even...
Cloud collaboration suites like Microsoft 365 are critical to business success, but have become significant entry points for potential exploitation. Just as your team relies on email and collaboration tools to accomplish their goals, so too do sophisticated threat actors. And while the built-in security of Microsoft...
Attackers are attempting to reset the passwords of some DigitalOcean customers, the cloud infrastructure provider says. The email addresses of these customers were likely exposed in a data breach involving Mailchimp, which provided transactional email services for DigitalOcean.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.