The Gramm Leach Bliley Act may not appear to have anything to link it to the Voice Over IP technology being implemented in financial institutions, but IT departments and Information Security officers should look closely at how the new phone systems may be audited under GLBA regulations. GLBA audits would focus more on...
Overview:
• Latest news on the crimeware and phishing fronts
• Why average users can’t always sniff out those phishy emails
• Other cybercrime that financial institutions should be worried about
• Strong authentication - is it helping? What needs to be done further
> Listen to...
Financial institutions need to realize cyber criminals who target internet users with phishing attempts aren’t going away anytime soon, says information security expert Aaron Emigh. “They’re moving away from the purely deception based attacks (simple emails in your inbox with links that the...
LINDA MCGLASSON: Are we in information security becoming too complacent? I mean, we have a lot of zero-day threats, hundred thousand node botnet sending us virus threats and all things like that, and those of us in information security, you know, look at the situation and think that this is normal operation...
At your institution you’re considered the person who has thought of every possible security angle, and when it comes to locking down the systems, networks and Internet based offerings, you’re confident that you’ve met or exceeded everyone’s expectations for privacy, security. You’ve...
The FDIC’s Information Technology Risk Management Program (IT-RMP), used by FDIC examiners in the examination process of financial institutions, will be looking more closely at the way financial institutions choose, oversee, and document their technology service providers and how those technology service...
In 2006, the Federal Financial Institutions Examination Council (FFIEC) issued a revised version of the Bank Secrecy Act/Anti-Money Laundering (BSA/AML) Examination Manual. The manual has been updated to incorporate regulatory changes since the manual was first released in 2005 and to clarify supervisory expectations....
The alert from OCC about a 419 scam appearing to come from the US House of Representatives’ Financial Services Committee isn’t something new -- this type of scam is just a new twist to something that has been around for many years.
As long as there are people who believe they can get something from...
A recently released survey from Gartner shows the rate of identity theft is rising -- more than 50 percent over previous years.
What is interesting for financial institutions, they are not the first target. “As it showed in the report, the attacks are moving away from banks to fake lotteries and sweepstake...
Would your customers recognize and detect a well-designed phishing site that was targeting them? The unfortunate answer is probably not. Phishing websites designed with high credibility fooled a high percentage of participants in a recent study. “Why Phishing Works,†a white paper authored by researchers...
Comptroller of the Currency John Dugan told an audience of bank risk managers earlier this week because their goals are so closely aligned to those of the regulators, the regulations and guidance issued by the agencies can support them in meeting their institutions’ objectives.
Dugan said regulators can...
The Office of Thrift Supervision (OTS) issued guidance this week on gift cards offered by OTS-regulated thrift institutions. The guidance assists institutions in ensuring adequate account administration, marketing, and sound consumer disclosure practices for gift card programs.
The guidance encourages more uniform...
Authors of a proof of concept paper called "Drive By Pharming" say that by viewing a malicious web page users can set off changes in a broadband router or wireless access point, making the computer connected to it susceptible to attack.
The paper, authored by researchers Zulfikar Ramzan, from Symantec, and Markus...
Are financial institutions implementing the multifactor authentication laid out in the FFIEC Guidance? That was one of the issues discussed at the RSA panel presentation, "37 Days After the FFIEC Guidance Deadline." The panel of banks, credit unions and industry experts talked about what it took to get this far, and...
Information Security Media Group, Corp. is launching a new sister website specifically for the credit union community - CUInfoSecurity.com. The new site organizes the latest credit union information security related regulations, news, articles, white papers, industry related events, webinars, education and resources...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.