Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Citrix warns that the bugs could result in privileged code in a guest virtual machine to crash the host or render it unresponsive. [Read More]
North Korean government-backed APT group caught using a fake pen-testing company sock puppet Twitter and LinkedIn accounts in an escalation of a hacking campaign targeting security research professionals. [Read More]
A serious security bug in the 'netmask' npm package leads to misinterpretation of IP addresses. [Read More]
CompuCom shares information on the cost of recovering from a cybersecurity incident, including loss of revenue and major service disruptions. [Read More]
Reuters is reporting that a draft executive order would set new rules on data breach disclosure and use of multi-factor authentication and encryption in federal agencies. [Read More]
Researchers flag a critical security hole in the official Facebook for WordPress plugin and warn it could be abused for remote code execution attacks. [Read More]
Solarwinds has shipped a major security update to fix at least four documented security vulnerabilities, including a pair of bugs that be exploited for remote code execution attacks. [Read More]
The FBI warns that the Mamba ransomware is now weaponizing DiskCryptor to encrypt entire drives, including the operating system. [Read More]
Feedzai lands $200 million in funding to build out its AI/ML-based fraud prevention tools for financial services firms. The round was led by KKR. [Read More]
Facebook’s threat intelligence team says it has disrupted a sophisticated Chinese spying team that routinely use iPhone and Android malware to hit journalists, dissidents and activists around the world. [Read More]

FEATURES, INSIGHTS // Fraud & Identity Theft

rss icon

Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Travis Greene's picture
While a credit freeze can protect against the opening of fraudulent credit accounts, it is not an inoculation against identity theft. What can be done to help protect identities and the attributes associated with them?
Ting-Fang Yen's picture
The attackers may be looking for the path of least resistance, but there is no shortcut to securing your platform.
Lance Cottrell's picture
In addition to basic credit monitoring, breached companies need to get ahead of the attacks and start providing security solutions that actually protect the victims before they are victimized again.
Torsten George's picture
While effective at curbing “petty crimes” such as credit skimming / cloning, EMV does not address more sophisticated cyber-attacks that target backend systems which contain card holders’ most sensitive information.
James Foster's picture
Many fraudulent accounts are mere satire or innocuous trolling, but others are created with far more devious intentions.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Mark Hatton's picture
They always say in the investment world that cash is king. We are now seeing that in terms of cyber as well. Stealing cash, it’s even better than stealing money.
Gant Redmon's picture
When it comes to cybercrime, the police really can’t and aren’t going to protect residents of your town. The same goes for all towns and cities. Unless you’re talking a high six-figure theft, it's unlikely an officer will be assigned to your case.
Gant Redmon's picture
The holiday season is a time of giving. But savvy security and technology professionals such as yourselves know, both during the holidays and year-round, that not all giving is good.