Although The Bangladesh Central Bank has mandated all banks in the country comply with the PCI Data Security Standard, many are not yet compliant, says Abul Kalam Azad, head of IT security and compliance at Eastern Bank.
As the risks to IT and OT converge, organizations must ramp up their threat intelligence information sharing mechanisms and build a more comprehensive cybersecurity policy, says Singapore-based John Lee, managing director of GRF Asia, a federation for building global resilience.
Wells Fargo, the fourth largest bank in the U.S., has directed employees to remove the TikTok social media app from their company-issued devices, citing security concerns. The news comes after Amazon sent mixed signals to its employees about use of the social media app.
A Russian national has been found guilty of hacking LinkedIn, Dropbox and the now defunct Formspring to steal millions of user credentials, some of which were later sold on underground markets.
Connected devices for consumers don't come with service-level agreements agreements. The travails of Petnet, the maker of an automatic, cloud-enabled pet feeder that has now gone offline offer a tale of caution that points to the need for stronger consumer protection for cloud-enabled devices.
To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.
The U.S. Secret Service is combining its electronic and financial crimes units into a single task force that will focus on investigating cyber-related financial crimes, such as BEC schemes and ransomware attacks. The move comes as lawmakers push for the Secret Service to take a more active role in fighting cybercrime.
Five billion unique user credentials are circulating on darknet forums, with cybercriminals offering to sell access to bank accounts as well as domain administrator access to corporate networks, according to the security firm Digital Shadows.
Finding the right tools to analyze evidence for fraud investigations is challenging, says Paula Januszkiewicz, CEO of CQURE, a provider of specialized services in IT infrastructure. She'll be a featured speaker at the RSA APJ virtual conference to be held July 15-17.
A recently uncovered phishing campaign is using spoofed Zoom account alerts to steal Microsoft Office 365 credentials, according to a report from Abnormal Security. These attacks come as use of the platform soars due to work-from-home arrangements.
Check Point Research reports that a new version of the Joker mobile malware that infects Android devices has emerged. The malware, hidden in apps in the Google Play store, has once again evaded Google's security tools.
The latest edition of the ISMG Security Report analyzes the surge in the use of employee monitoring tools for the increasingly remote workforce. Also featured: Discussions about IoT security guidelines and CCPA compliance requirements.
U.S. prosecutors this week unsealed an indictment against the alleged hacker "Fxmsp" after his identity was revealed in a cybersecurity firm's report. That sequence of events has raised questions about information sharing and highlighted law enforcement's reliance on private cybersecurity researchers.
A little-known advanced persistent threat group dubbed Evilnum has been targeting fintech firms in the U.K. and Europe over the past two years, using spear-phishing emails and social engineering to start their attacks, according to the security firm ESET.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
