In Australia, it can take as few as 15 minutes to steal someone's phone number, a type of attack known as SIM hijacking. Such attacks are rising, but mobile operators have no plans to change the authentication required around number porting, which can be set in motion online with minimal personal information.
Air Canada is forcing 1.7 million mobile app account users to reset their passwords after it detected unusual login behavior that it says may have exposed 20,000 accounts, including passport information. But the company is enforcing password complexity rules that experts advise against.
It's déjà vu "FBI vs. Apple" all over again, as Reuters reports that the Justice Department is seeking to compel Facebook to build a backdoor into its Messenger app to help the FBI monitor an MS-13 suspect's voice communications.
Leading the latest edition of the ISMG Security Report: Chris Morales of the cybersecurity firm Vectra discusses how the industrial internet of things is changing the nature of industrial espionage and disruption.
Many medical device makers appear to building better cybersecurity into their products, but some manufacturers are still avoiding fixing vulnerabilities in legacy devices that pose potential safety risks, says security researcher Billy Rios, who discusses the latest flaws in some Medtronic cardiac devices.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
Hubris has a new name: Bitfi. The cryptocurrency wallet-building company, backed by technology eccentric John McAfee, earned this year's not-so-coveted Pwnies Award for "Lamest Vendor Response" for how it mishandled security researchers' vulnerability disclosures. Bitfi has promised to do better.
PSD2 requires European banks to provide communication interfaces to Third Party Providers (TPPs). These interfaces, generally referred to as APIs, will allow TPPs to build innovative financial services on top of the services provided by banks.
Download this white paper and learn about:
The PSD2 requirements for...
A leading mobile-based financial services company sought out fraud prevention tools. In the past, fraudsters used that company's customer accounts to funnel money via stolen identities. But with advanced device fingerprint technology, the company could detect multiple accounts created from the same device and suspend...
RSA's most recent Quarterly Fraud Report shows that "newsjacking" is increasingly empowering phishing attacks, says Angel Grant, RSA's director of identity fraud and risk intelligence. The report also shows a continuing surge in mobile app fraud.
Following reports about U.S. companies that enable government and other users to access real-time tracking information for all major U.S. wireless carriers' subscribers, provider Securus Technologies has reportedly been hacked, while LocationSmart has fixed a data-exposing flaw.
Since mobile banking usage is set to grow exponentially, banks must overcome structural challenges and
reconcile consumers' appetite for ease of use with the desire for greater security.
There are a growing number of fintech startups that have been able to overstep the legacy cost structures
One of the leading mobile-based financial services targeted at millennials approached Simility to help fight fraud. Simility provided an end-to-end solution which included customized models for their specific needs.
Fraudsters were using the company's customer accounts to funnel money via stolen identities. But...
Businesses across the UK and Europe spend billions each year on identity and access management, but almost all of this money is spent on protecting the digital identities of humans - usernames and passwords.
On the other hand, businesses spend almost nothing on protecting machine identities, even though our entire...