Emerging malware increasingly puts banks and their customers at risk for fraud. The sooner malware is detected and removed, the less likely banks are to suffer regulatory penalties and fines, and steep losses linked to fraud.
Spear phishing is going to be a leading worry for banks in 2015, as hackers increasingly target bank employees to compromise credentials used to access consumer and business accounts as well as critical servers and systems.
A new report now claims the breach at JPMorgan Chase is linked to a server the bank's security team overlooked when upgrading to two-factor authentication controls. Why that oversight and a well-planned spear-phishing attack were all hackers needed.
In addition to 56 million payment cards being compromised in the Home Depot data breach, approximately 53 million e-mail addresses also were stolen, the retailer reported in an investigation update on Nov. 6.
Amsterdam is again playing host to the annual Black Hat Europe information security gathering, and presenters have promised to cover everything from privacy flaws in wearable computers to two-factor authentication system failures.
Google says just 2 percent of the recent dump of nearly 5 million credentials to Russian cybercrime forums contained valid Gmail username and password combinations. But anyone who reused the same passwords on other sites remains at risk from hackers.
News reports of a suspected attack against JPMorgan Chase, and perhaps other banks, serve as an important reminder for financial institutions to ramp-up their security efforts, especially to guard against phishing attacks.
The widespread use of mobile devices and social media has fueled spear phishing by eroding the so-called perimeter that once shielded corporate networks, a panel of financial fraud experts says in part two of their discussion about spear phishing trends.
A new impersonation scheme is taking aim at business executives to perpetuate ACH and wire fraud, says Bank of the West's David Pollino, who explains steps institutions should take now to protect their customers.
An online gang with ties to Romania and Russia has been bypassing two-factor, Android-based authentication systems - used by 34 different banks to authenticate customers - via the sophisticated Operation Emmental cybercrime campaign.
An ongoing APT campaign employs decoy documents to lure potential victims into installing malicious remote-control tools. Targets include at least one bank, the BBC and many U.S. and EU government agencies.