Latest

►

Anti-Money Laundering (AML)

The Role of Predictive KYC in Fighting Money Laundering

Suparna Goswami  •  April 9, 2021

How can automation help to reduce money laundering fraud? Larry Gordon and Kathleen Gowin of the consultancy Endurance Advisory Partners describe how predictive KYC can help mitigate risks.

Cybercrime

Fraudsters Flooding Collaboration Tools With Malware

Prajeet Nair  •  April 9, 2021

The increasing reliance on collaboration tools such as Slack and Discord to support those working remotely during the COVID-19 pandemic has opened up new ways for fraudsters and cybercriminals to bypass security tools and deliver malware, Cisco Talos reports.

►

Endpoint Security

Weekly Roundup: Biden’s Cybersecurity Proposals and More

Anna Delaney  •  April 9, 2021

Four editors at Information Security Media Group discuss important cybersecurity issues, including President Biden’s latest cybersecurity proposals and large vendor-related breaches in healthcare.

Cybercrime

Crisis Communications: How to Handle Breach Response

Anna Delaney  •  April 9, 2021

The latest edition of the ISMG Security Report features an analysis of why transparent communication in the aftermath of a data breach pays off. Also featured: Mastercard on digital identity issues; building a more diverse and inclusive cybersecurity workforce.

Business Continuity Management / Disaster Recovery

Ransomware Gang Exploits Old Fortinet VPN Flaw

Akshaya Asokan  •  April 8, 2021

The gang behind ransomware dubbed "Cring," which has waged a series of attacks this year, is exploiting a Fortinet VPN server vulnerability that the company patched in 2019, according to a report from the security firm Kaspersky that analyzes one attack in Europe.

Fraud Management & Cybercrime

Post-Ransomware Response: Victim Says 'Do the Right Thing'

Mathew J. Schwartz  •  April 8, 2021

Crisis communications: If your organization suffers a ransomware outbreak - despite its best cybersecurity efforts - is it ready to respond quickly and transparently? Experts have lauded the Scottish Environment Protection Agency for its response, saying it's a model for other victims to emulate.

Cybercrime

Ziggy Ransomware Gang Offers Victims Ransom Refunds

Doug Olenick  •  April 7, 2021

The now-defunct Ziggy ransomware gang is reportedly offering to return the ransoms it collected, but some security experts question whether the offer is legitimate or a publicity stunt.

Fraud Management & Cybercrime

Attackers Target Unpatched SAP Applications

Akshaya Asokan  •  April 7, 2021

Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks, SAP and Onapsis Research Labs report. They note that patches for most of the flaws have been available for several years.

►

Fraud Management & Cybercrime

Countering Deepfake Fraud in Digital Onboarding

Nick Holland  •  April 5, 2021

Preventing deepfake fraud while addressing customer digital onboarding ease-of-use concerns is a balancing act. Sanjay Gupta of Mitek discusses the challenge of juggling security and the user experience in digital banking.

Breach Notification

Ubiquiti's Breach Notification: The 'No Evidence' Hedge

Mathew J. Schwartz  •  April 5, 2021

When a breached organization such as Ubiquiti says it is "not currently aware of evidence" that attackers stole customer data, it too often means: "We don't know, because we failed to have in place the robust logging and monitoring capabilities that might have provided us all with real answers."

Breach Notification

533 Million Facebook Account Records Posted to Forum

Doug Olenick  •  April 4, 2021

A security researcher found more than 500 million Facebook records being offered for free on the darknet, exposing basic user information, including any phone numbers associated with the accounts. Facebook says this is “old data” previously reported as exposed.

►

Cryptocurrency Fraud

The Case for Central Bank Digital Currencies

Nick Holland  •  April 2, 2021

Many governments are exploring Central Bank Digital Currencies to reduce costs and expand digital inclusion. Karen Hsu of AppDome discusses the opportunities and challenges for minting digital money.