In the move to a cashless economy in India and elsewhere, improving user authentication is critical, but users are demanding ease of use, says Singapore-based Tom Wills, director at Ontrack Advisory. He describes the roles that biometrics and artificial intelligence will play.
The U.S. Treasury Department has announced sanctions against 11 individuals and organizations linked to Iran, some of whom have been accused of helping to launch distributed denial-of-service attacks against dozens of U.S. banks from 2011 to 2013.
Top IT security and information risk experts, including former RSA Executive Chairman Art Coviello, analyze the struggles Equifax faces in the wake of a massive data breach in the latest edition of the ISMG Security Report.
Before the Internet, customers who wanted to perform a bank transaction had only one option - a visit to their local branch for a face-to-face transaction. Now, in the "mobile age," customers expect that their bank provide secure and easy access to the full suite of banking services via their mobile device. The...
The arrest of 10 men in Uttar Pradesh for allegedly cloning fingerprints of authorized Aadhaar enrollment officers is once again stirring debate over whether it's wise for India to rely so heavily on Aadhaar for authentication.
Equifax made an error that led to one of the largest and most sensitive data breaches of all time, and the mistake was elementary: The credit bureau failed to patch a vulnerability in Apache Struts - a web application development framework - in a timely manner.
The Trump administration is directing U.S. federal executive branch agencies to remove anti-virus software from Russian-owned Kaspersky Lab from their computers within 90 days. Kaspersky denies "inappropriate" ties to Russian government.
Equifax has a new problem on its hands: Argentina. Investigators with security consultancy Hold Security discovered that Equifax's Argentina website exposed national identity numbers for at least 14,000 citizens. But the information exposure may be far more extensive.
Leveraging intelligence culled from the Dark Web will help boost information security for enterprises, says Avi Rembaum of Check Point Software Technologies.
Ransomware variants are implementing new, innovative techniques that employ unknown binaries and non-malware tactics to evade and bypass traditional defenses. Their encryption techniques go beyond simple files and shares to make it even harder to restore using backups; and their targets are increasingly becoming...
Equifax has yet to describe how its site was breached, except to blame a vague "U.S. website application vulnerability." But some security experts suspect that an unpatched flaw in Apache Struts, fixed by Apache in March, might have been exploited.
A major operation to cleanse websites of digital certificates created under questionable circumstances is underway. Google has issued the orders: Purge digital certificates that were issued by Symantec before June 1, 2016.
It isn't a specific product to be purchased and deployed, but RSA's concept of business-driven security is a new strategy to help improve communication between the operations and risk managers within security organizations. RSA's Ben Smith describes how to start.
The Russian cyber espionage group known as Pawn Storm, which has been around since 2004, has shifted gears to focus on cyber propaganda efforts, and security professionals need to be aware of the changing threat, says Ed Cabrera of Trend Micro.
Many organizations are uncertain about the overall effectiveness of their security strategy because they are still in the dark about aspects of their risk posture, says Brian Soldato of NSS Labs. Conducting a few pen tests a year is not enough, he stresses.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.