Financial institutions still have a long way to go to fight fraud and mitigate online banking vulnerabilities. But what exactly are the top vulnerabilities, and what can institutions do about them?
What's the connection between 14 Romanians and an alleged phishing scheme that involved 10 U.S. banks and their customers? A new, unsealed indictment outlines a massive fraud and ID theft conspiracy.
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
ACH fraud victim Mark Patterson says small businesses like his welcome improved online security measures from banking institutions. But is the new FFIEC Authentication Guidance sufficient? Patterson says no.
Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
Bank of America's Keith Gordon says securing the mobile channel is much like securing any other banking channel: Controlling risks requires layers of security and controls. But educating customers plays a key security function, too.
Medtronic's announcement that it's launching an "in-depth risk/benefit analysis" following an "ethical hack" of one of its insulin pumps is good news. We hope that Medtronic and all other medical device manufacturers launch long-overdue, aggressive efforts to improve medical device safeguards.
The disruption of text messaging and Web browsing for BlackBerry customers opens up issues of company transparency and business continuity. How should the company have responded?
"Organizations are putting in layers of security and tools to safeguard information and assets, however, the fraudsters are attacking our weakest link, the consumer," says Anthony Vitale of Patelco Credit Union.
What Operation Shady RAT reminds us is not just how vulnerable our IT systems are, but how interconnected we are as a global society, and the fundamental role information technology plays.
The FFIEC Authentication Guidance update is out, and third-party service providers need to begin reviewing their internal systems and communicating with their financial institution customers, says Wells Fargo Bank's Phil Alexander.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.
Despite previously announced plans to appeal last month's ruling in the ACH fraud lawsuit filed by Experi-Metal Inc., Comerica Bank now says it has resolved to pay the $560,000 in damages and close the case.
The FFIEC's updated online authentication guidance urges banks and credit unions to do better jobs of authenticating and identifying devices, areas that aren't bolstering the kind of security they could, says security expert Ori Eisen.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.