For attackers, "credential stuffing" - using stolen usernames and passwords to log into any site for which a user reused their credentials - is the gift that keeps on giving, says security researcher Troy Hunt. Here's how organizations can mitigate the threat.
Leading the latest edition of the ISMG Security Report: An analysis of how distraction tactics were used during a $10 million SWIFT-related hack at Banco de Chile. Also, a wrapup of Infosecurity Europe.
The geneology service MyHeritage says a security researcher found 92 million email addresses and hashed passwords for its users on a private external server. The company, however, says there's no evidence of abnormal account activity or indications family trees or DNA results were affected.
Payments are getting faster, and so is payments fraud. A robust fraud management strategy focusing on strong authentication, customer education and scalable responses can be instrumental in minimizing payment fraud risk.
Privacy regulations, user satisfaction concerns and the need to prevent data breaches are driving more organizations that must authenticate users to find "a better way of ensuring that people are who they are when they are accessing critical information," says Tony Smales, CEO of Forticode.
Despite the buzz about digital transformation, most enterprises remain overwhelmed by having to support and secure legacy technologies, says Mark Loveless of Duo Security. How can they simultaneously protect their legacy systems while securing their future?
New PCI requirements that go into effect June 30 are pushing payment card acquirers, processors, gateways and service providers worldwide to implement more secure encryption protocols for transactions. But are they ready?
Have you heard the statistics supporting the fact that every enterprise - from airlines and appliance manufacturers to banks and hospitals - needs to make a digital transformation? By 2020, 72% of the world's employees will be mobile workers, more than 20B devices will be connected to the internet of things and we'll...
Ovum, a market-leading research and consulting business that helps enterprises thrive in the connected digital economy, explains why every enterprise should put stronger authentication service on their radar as a means of better securing their companies data and minimizing their fraud exposure risk all while...
What are the best practices for addressing security in "smart city" projects? Vikas Kanungo, senior consultant, transport and ICT global practice, at the World Bank, offers insights in an in-depth interview.
The U.S. and U.K. warned Monday that Russian hackers have compromised critical internet infrastructure with the aim of spying, extracting intellectual property and gaining footholds for future cyberattacks.
The Unique Identification Authority of India has taken the next step toward adding an extra layer of security to protect Aadhaar data, a move that some security leaders are welcoming in light of recent Aadhaar-related data leaks.
In this in-depth interview, Daniel Cohen of RSA discusses how open banking, also known as banking as a service, will affect the fight against fraud and offers insights on the security steps banks should be taking.