Attackers are increasingly targeting mobile channels, driving banks to seek better ways of verifying the authenticity and integrity of not just users, but also mobile devices and transactions, says John Gunn of cybersecurity technology firm Vasco Data Security.
A report on passage by the House of Representatives of a bill aimed at toughening insider threat defenses at the Department of Homeland Security leads the latest edition of the ISMG Security Report. Also, analyzing the use of blockchain technology to secure healthcare data.
Facebook is aiming to make account recovery and password resets more secure with a new, updated approach that eliminates outdated weaknesses such as emailed reset links, SMS messages and security questions.
The subscription-based breach notification service LeakedSource appears to have gone dry. Security expert Troy Hunt says the privacy writing has been on the wall for the site, owing to it selling access to stolen personal data.
Yet another study reveals that millions of people are picking weak passwords, with "123456" remaining our collective favorite. Rules requiring stronger passwords and not forcing passwords to expire both could help boost security.
A list of "super user" passwords - and a default username - now circulating online appears to allow unauthorized access to some webcam video streams, security researchers warn. If confirmed, it would be yet another massive internet of things security failure by a device manufacturer.
Seven state insurance commissioners conclude in a new in-depth report that the massive cyberattack on Anthem Inc. was carried out by a hacker on behalf of a nation-state. But they stop short of naming the nation involved or penalizing Anthem for the breach that affected 80 million.
Will more "historical" breaches be revealed in 2017 and beyond? Data breach expert Troy Hunt is optimistic that such revelations will become rare as large businesses operating online continue to improve security. But what about small and mid-size organizations?
In this special edition of the ISMG Security Report, DataBreachToday Executive Editor Mathew Schwartz discusses the Russian groups behind damaging hacks against the U.S. and Strategic Cyber Ventures CEO Tom Kellermann details cyberthreats posed by the West's nation-state adversaries.
Hacks sponsored by nation-states and attacks fueld by IoT-powered botnets are just some of the daunting threats we will see in 2017, says cybersecurity thought leader Tom Kellermann. What are his top predictions, and how should security leaders respond?
The emergence of contactless chip payments on mobile phones is changing the way transactions are authenticated and secured, Jeremy King of the PCI Security Standards Council explains in this audio interview.
Following the government's recent demonetisation initiative, the RBI has announced removal of its two-factor authentication requirement for low-value card-not-present transactions. But some critics fear the move, designed as a catalyst for cashless transactions, could lead to an increase in fraud.
Coming soon to an internet service provider near you: routers infected by IoT device botnet-building malware such as Mirai. The latest victim is ISP TalkTalk, which is updating routers to block DDoS attackers who have been seizing control of the devices.
As fraudsters continually refine their techniques to steal banking customers' credentials, IBM fights back with new tools that use behavioral biometrics and cognitive fraud detection. IBM's Brooke Satti Charles offers a preview.
The Internet Archive, a pioneering 20-petabyte digital repository, is raising funds to replicate its data in Canada. The group's founder fears that the election of Donald Trump as the next U.S. president portends an uncertain privacy rights future.