What can organizations do to thwart business email compromise attacks? In an interview, David Stubley, CEO of the consultancy 7 Elements, outlines several key steps. He'll be a featured speaker at Information Security Media Group's Security Summit: London, to be held Sept. 23.
As more companies move away from passwords toward behavioral biometrics, they face new challenges, says Rajiv Dholakia, vice president, products at Nok Nok Labs. "There are no standards as such in this area on how the information is collected, how it's stored and how it's processed," he says.
Step away from the social media single sign-on services, cybersecurity experts say, citing numerous privacy and security risks. Instead, they recommend that everyone use password managers to create unique and complex passwords for every site, service or app they use.
Warning: Attackers behind the recently revealed Facebook mega-breach may still be able to access victims' accounts at some third-party web services and mobile apps, and Facebook has offered no timeline for when a full lockdown might occur - although there are no signs of third-party account takeovers.
Privacy advocates are praising the India Supreme Court's ruling that private entities can no longer require the use of Aadhaar data for authentication, but they're pressing for swift passage of a new data protection law.
In Australia, it can take as few as 15 minutes to steal someone's phone number, a type of attack known as SIM hijacking. Such attacks are rising, but mobile operators have no plans to change the authentication required around number porting, which can be set in motion online with minimal personal information.
Password management is a critical component of a security strategy that some organizations still find challenging, says Gerald Beuchelt of LogMeIn Inc.
The National Payment Corporation of India, the umbrella organization for all retail payments systems, has asked banks to discontinue Aadhaar-based payments through Unified Payments Interface and Immediate Payment System channels.
The issue of access management and vulnerable software applications has come back to haunt the Unique Identification Authority of India which manages the Aadhaar database containing biometrics and personal information of over 1 billion Indians.
Security technology innovations entering the market are getting attached as features to an infrastructure that is fundamentally broken and an enforcement model that cannot operate in real time, says Matthew Moynahan, CEO at Forcepoint.
Intelligence adaptive authentication represents the latest advance in authentication and risk analysis - with a dose of machine learning - to help organizations authenticate users and battle fraud in real time, says OneSpan's Will LaSala.
The Srikrishna Committee's recommendation in its draft of a data protection bill that foreign companies be required to only store domestically certain "critical" data of Indians is impractical and will not help prevent breaches.
Security thought leaders have long called for organizations to shift from a conventional "peacetime" view of cybersecurity to more of a "wartime" mindset. Aetna CSO Jim Routh now says it's time for enterprises to shift from conventional to unconventional security controls.
U.K. health and beauty retailer Superdrug Stores is warning customers that attackers may have compromised some of their personal information, apparently because they'd reused their credentials on other sites that were hacked. While Superdrug quickly notified victims, it stumbled in three notable ways.
The FIN7 cybercrime gang regularly phoned victims, posing as buyers, to trick victims into opening phishing emails and attachments with malware, federal prosecutors allege. The group's success - 15 million stolen payment cards and counting - is one measure of how difficult these types of attacks are to block.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.