An online gang with ties to Romania and Russia has been bypassing two-factor, Android-based authentication systems - used by 34 different banks to authenticate customers - via the sophisticated Operation Emmental cybercrime campaign.
A challenge examiners face in conducting forensic investigations in the cloud is that they don't have access to the servers. That's just one problem the National Institute of Standards and Technology is addressing.
Despite official suggestions to the contrary, the Cryptolocker ransomware isn't dead yet, even as new types of ransomware continue to flood onto black market cybercrime forums, one researcher claims.
Security experts say the new alliance between IBM and Apple could lead to broader use of iPhones and iPads at banking institutions if the partnering companies demonstrate adequate security and scalability.
To detect and deter today's threats, security teams need new and dynamic data analytics capabilities. Haiyan Song of Splunk discusses the analytics-enabled SOC and how to improve incident response.
Two zero-day vulnerabilities reportedly were exploited by the attackers who hacked NASDAQ's systems in 2010. While a senior U.S. legislator claims the hackers had "nation-state" backing, security experts say it's still not clear who hacked NASDAQ or why.
The Obama administration urges Congress to update U.S. anti-hacking laws to crack down on fraudsters operating abroad, disrupt spam and DDoS botnets, and arrest "botnet for hire" service providers.
The unrestrained growth of digital information world-wide is making it extremely difficult for organizations to capture, manage, store, share and dispose of information in any meaningful way. With the challenges of an evolving regulatory environment and the information overload problem with management practices, many...
Mobile banking technology may be one of the best retention tools available to banks...a differentiator. Mobile banking customers are 53 percent less likely to leave; and if customers use both mobile banking and bill pay the retention rate increases to 82 percent. The challenge banks face is increasing the security of...
The National Institute of Standards and Technology should use the cryptographic community to help vet the advice it gets from the National Security Agency when creating cryptography guidance, a panel of prominent experts recommends.
British police have worked with an international consortium of law enforcement agencies and information security firms to disrupt financial malware known as Shylock used to infect more than 60,000 PCs and steal millions of dollars.
One month after an international law enforcement effort targeted the Gameover Zeus banking Trojan, new versions of the malware are being distributed via spam campaigns.
Microsoft absolves dynamic DNS provider No-IP of being complicit in a malware campaign that infected millions of PCs and apologies to the 1.8 million customers who experienced outages.
Most organizations that enable users to perform Web transactions (e.g. banks and ecommerce sites) have implemented security controls to address online and mobile fraud. These controls fall into two buckets: transaction-focused intelligence, which looks for anomalous actions, and device-focused intelligence, which...
The "Bolware" malware gang has used Web injection and "man-in-the-browser" techniques to steal up to $3.75 billion. The attack campaign demonstrates how easily attackers anywhere in the world can commit browser-based fraud.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.