Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Cisco patches a critical vulnerability in an SD-WAN software product but warned that a different high-risk bug in end-of-life small business routers will remain unpatched. [Read More]
NEWS ANALYSIS: Google’s decision to promote Rust for low-level Android programming is another sign that the shelf-life for memory corruption mitigations are no match for the speed of in-the-wild exploit development. [Read More]
Proofpoint warns that attackers are leveraging compromised supplier accounts and supplier impersonation to send malware, steal credentials and perpetrate invoicing fraud. [Read More]
Researchers have discovered FlixOnline, new Android malware that uses Netflix as its lure and spreads malware via auto-replies to WhatsApp messages. [Read More]
Facebook cracks down on deceptive networks, including five that mainly targeted individuals outside their countries and nine focused on domestic audiences. [Read More]
A joint report from SAP and Onapsis warns that advanced threat actors are targeting new vulnerabilities in SAP applications within days after the availability of security patches. [Read More]
Researchers report that a subgroup of the Molerats APT is employing voice changing software in attacks targeting regional adversaries and political opponents. [Read More]
In a new pilot program, the U.S. DoD invites the HackerOne community to remotely test the participating DoD contractors’ assets and report on any identified vulnerabilities. [Read More]
Kaspersky researchers warn that China-linked APT group Cycldek using custom malware in a series of recent attacks targeting government and military entities in Vietnam. [Read More]
The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) warns that APT actors are exploiting Fortinet FortiOS vulnerabilities in attacks targeting commercial, government, and technology services networks. [Read More]

FEATURES, INSIGHTS // Fraud & Identity Theft

rss icon

Joshua Goldfarb's picture
Josh Goldfarb debunks the most common myths surrounding fraud, security and user experience.
Joshua Goldfarb's picture
Josh Goldfarb discusses what enterprises can do to mitigate risk and limit losses account takeover (ATO) fraud, account opening (AO) fraud, and payment fraud.
Idan Aharoni's picture
Proposed Distributed Account Information Certification (DAIC) enables organizations to quickly and securely validate the bank account information of companies before they send payments
Joshua Goldfarb's picture
By implementing controls to prevent fraud and implementing fraud monitoring capabilities, state agencies can greatly reduce the amount of unemployment fraud that happens under their auspices.
Joshua Goldfarb's picture
For any fraud detection solution to be practical, it must be easily integrated into security and fraud operations.
Joshua Goldfarb's picture
Facts, data, and evidence are extremely important to properly detecting, preventing, and investigating both security incidents and fraud incidents.
Joshua Goldfarb's picture
Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Laurence Pitt's picture
Although robocalls are a pain for many of us, action is being taken to bring the problem under control.
Alastair Paterson's picture
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
Josh Lefkowitz's picture
The abundance of compromised card data and other assets available online continues to hinder the fight against card-not-present (CNP) fraud.