Progressive companies seeking to improve their security are increasingly adopting bug bounty programs. The theory is that rewarding outside researchers improves security outcomes. But in practice, bug bounty programs can be messy and actually create perverse incentives, says bug-hunting expert Katie Moussouris.
JPMorgan Chase researchers have published a new paper describing their efforts at developing a novel "early warning" system based on artificial intelligence algorithms that can detect malware, Trojans and other advanced persistent threats before the phishing campaign that targets the bank's employees even starts.
George Orwell's "1984" posited a world in which Big Brother monitored us constantly via "telescreens." But thanks to our "smart" AI home assistants - from Google, Amazon and others - we're increasingly installing the monitoring equipment ourselves, and it may "hear" much more than we realize.
Déjà vu basic cybersecurity challenge all over again: With the U.S. government warning that geopolitical tensions could trigger wiper-attack reprisals, security experts review the basic anti-wiper - and anti-ransomware - defenses organizations should already have in place.
The latest edition of the ISMG Security Report assesses the legacy of WannaCry ransomware two years on. Also featured: the evolving role of healthcare CISOs; threat mitigation recommendations based on the 2019 Verizon Data Breach Investigations Report.
Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details. In a recent twist, Malwarebytes spotted a malicious iFrame that steps in front of the normal payment process to intercept card details.
C-level executives are 12 times more likely to be the target of social incidents and nine times more likely to be the target of social breaches. This is among the key findings of the latest Verizon's Data Breach Investigations Report. Author John Grim shares insight.
Check Point Research has spotlighted attacks against several embassies that show how subtle changes in source code can alter how security professionals can detect and stop different types of malware.
Among the top new spear phishing threats to enterprises: Extortion. Asaf Cidon of Barracuda outlines the top three spear phishing threats and new strategies to defend against them.
Indian IT service firm Wipro on Tuesday said that it has detected abnormal activities on some of its employee accounts due to an advanced phishing campaign. An investigation is continuing, the company confirms.
Microsoft says intruders targeting its email services had access to email content for a single-digit percentage of the overall affected accounts, a more serious conclusion than first thought. But the company hasn't released many details, including the total number of accounts affected.
Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow.
When a company plans to make an acquisition, it should conduct a "compromise assessment" to assess whether the organization being purchased has had an undiscovered breach, says Steve Ledzian, CTO for Asia Pacific at FireEye.
Microsoft is using its legal muscle to push back against an advanced persistent threat group that is says is "widely associated with Iranian hackers." Following court approval, it is taking control of 99 website domains allegedly used by the attackers as part of an ongoing spear-phishing campaign.
This Valentine's Day, authorities are once again warning individuals to watch out for anyone perpetrating romance scams. The FTC says Americans lost $143 million to romance scams in 2017, while in the U.K., Action Fraud says reported romance scam losses in 2018 topped $64 million.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.