The Cyber Security Agency of Singapore has come up with an operational technology and cybersecurity master plan aimed at building a secure and resilience ecosystem to protect critical infrastructure. But will implementation prove feasible?
Delayed enforcement of the "strong customer authentication" requirements for online transactions under the European Union's PSD2 regulation is hampering efforts to enhance security. That's why the European Banking Authority should act quickly to develop a new timeline.
Russian national Andrei Tyurin pleaded guilty to perpetrating massive hack attacks against leading U.S. financial services firms and others from 2012 to mid-2015. Victims included JPMorgan Chase, from which he stole details of 83 million customer accounts.
A global law enforcement operation has resulted in the arrest of 281 suspects allegedly involved in business email compromise scams. The announcement comes on the same day as the FBI's Internet Crime Complaint Center says that losses from BEC scams have hit $26 billion and are continuing to rise.
Cybercrime is surging thanks, in part, to the availability of inexpensive hacking tools and services. A recent look by security firm Armour at black market offerings finds stolen payment card data, RDP credentials, ransomware and DDoS services are widely available for sale.
A "zero trust" security model makes it easier to manage application access and protect against malicious users, but the rollout of the model must be managed in a very organized way, says Mani Sundaram, CIO and EVP, Global Services and Support, at Akamai Technologies.
Facebook and Twitter have suspended a number of accounts and pages that they have tied to information operations being run by the Chinese government. Disinformation has targeted pro-democracy demonstrators in Hong Kong - likening them to cockroaches - while dismissing anti-Beijing sentiment as "fake news."
The Monetary Authority of Singapore, the nation's central bank, has mandated that financial institutions comply with risk management guidelines within the next 12 months in an effort to strengthen the cyber resilience of these organizations.
The cause of Capital One's breach is known. But experts say the incident still raises questions over why Capital One held onto personal data so long and if the bank was adequately monitoring administrator accounts.
When leveraging AI and machine learning to drive banking innovations, it is essential to take a structured approach in implementing security-by-design for conducting proper risk assessment of the organizations and people involved, says Sameer Ratolikar, CISO, HDFC Bank
Fraudsters continue to get new tricks up their sleeves. Criminals are increasingly using Apple Pay, setting up mobile call centers to socially engineer victims as well as tricking consumers via fake e-commerce sites that never fulfill orders, fraud-fighting experts warn.
Authorities in Bangladesh are investigating hacker attacks against at least three banks in that nation last month. Dutch Bangla Bank Ltd. lost as much as $1.4 million in an attack, which apparently involved planting malware in an ATM switch, according to news reports.
WhatsApp, the messaging service owned by Facebook, says it's ready to launch its digital payment services, WhatsApp Pay, in India following its beta test. But the Supreme Court says WhatsApp first must comply with RBI's data localization requirements.
Many corporate boards of directors in India have made progress in recognizing cybersecurity as a priority. But clearly, they still have a lot of work to do. Panelists at a recent ISMG summit in Bengaluru offer insights.
Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details. In a recent twist, Malwarebytes spotted a malicious iFrame that steps in front of the normal payment process to intercept card details.