Security probes into IoT vulnerabilities too often swerve into creepy territory. Take security researchers at Check Point who discovered they could seize control of an internet-connected LG vacuum cleaner's camera, allowing them to turn a roving robotic cleaner into a spy cam.
A new directive from the U.S. Department of Homeland Security elevates federal agencies' email security to the DMARC standard that's widely adopted by commercial email providers, including Google, Yahoo and Microsoft.
Banks that collectively own SWIFT saw their profits vanish last year as the organization increased its investments in information security, even as the interbank messaging service handled record volumes of money-moving messages.
A report on security flaws found in mainframe computers leads the latest edition of the ISMG Security Report. Also, the tale of how a hacker launched his career; insights on new EU data protection regulations.
ISMG's Fraud & Breach Prevention Summit in Bengaluru will provide expert insights on best practices for addressing emerging cyberthreats and tackle timely topics, including Aadhaar authentication, ransomware and the latest breach trends.
Mobile payments are more secure than online and card payments, says David Lott, a payments risk expert with the Retail Payments Risk Forum at the Federal Reserve Bank of Atlanta. But how customers use their mobile devices can dramatically affect transactional security.
New documents dumped online by the Shadow Brokers group have revealed apparent NSA programs designed to target SWIFT service bureaus in the Middle East as well as a slew of exploits designed to infect Windows systems, patched last month by Microsoft.
McDonald's home food delivery app in India leaked sensitive personal information relating to 2.2 million users. But the restaurant giant only addressed the insecure API after a researcher went public one month after informing McDonald's about the problem.
CA Technologies has announced plans to snap up application security testing vendor Veracode for $614 million cash, to offer SaaS-based application security testing. The move signals that secure coding - and agile-inflected DevOps - is hot. But will it come in time to secure the internet of things?
Risk analysis is at the core of most card fraud prevention platforms used today, says Carol Alexander of CA Technologies. But what if the industry could take the lessons it's learned to other channels, enabling banking institutions to more readily identify potentially fraudulent transactions before they happen?
Targeted breaches are increasing and they share a common thread - a kill chain that exploits privileged users and their credentials to gain access to sensitive systems. Steve McCullar of CA Technologies discusses how privileged access management can break that kill chain.
The breach of an offshore account owned by Union Bank of India is raising new questions about the security of interbank payments, which often rely on antiquated backend verification processes that fraudsters seem to be compromising with relative ease.