The latest edition of the ISMG Security Report discusses global progress on adopting standard digital identifiers. Plus, a former cybercriminal discusses emerging fraud trends, and an update on the evolution of e-signatures.
Tens of millions of Americans have lost jobs because of COVID-19. As a result, former 'most wanted" fraudster Brett Johnson predicts a surge in fraud, saying bluntly: "There are going to be a lot of victims."
Compromised Credentials Monitoring (CCM) allows users to monitor exposure of compromised credentials for their enterprise domains and customer email addresses to take action after breaches to mitigate risk of account takeover (ATO). Flashpoint's advanced technology quickly collects and processes data and credentials,...
The thriving cybercrime economy of vendors hawking illicit offerings on underground marketplaces grants access to resources that reduce barriers to entry for crimes ranging from fraud to DDoS attacks.
Pricing trends for these offerings shed light not only on their accessibility to threat actors, but also on how...
Email and collaboration platforms are the connective tissue of most businesses and organizations, where information is shared, plans are hatched, and alliances formed. Yet email often represents the 'weakest link' in an organization's security strategy - around 94% of cyber-threats originate in the email environment....
Authorities have arrested a suspect accused of hacking the University of Pittsburgh Medical Center's human resources database in 2014 and stealing personally identifiable information from 65,000 employees, which was then used for tax fraud.
This report will document an end-to-end attack lifecycle, and how each stage could leverage elements of the AI 'toolkit' to improve and streamline the process. Attackers will, of course, evolve their tools to drive efficiency gains, however these tradecraft improvements are iterative and do not happen all at once....
The notorious Qbot banking Trojan is making a comeback with new features and capabilities that enable it to more effectively steal victims' financial data and credentials, according to cybersecurity researchers at F5 Labs.
A proposed class action lawsuit filed against an accounting firm in the wake of a 2019 ransomware incident that allegedly exposed patient data to potential cybercriminals serves as the latest reminder of the security and privacy risks posed by vendors.
Not all data breaches are what they might seem, and not all leakers are who they might claim to be. Take the doxing of the Minneapolis Police Department, supposedly by Anonymous hacktivists: The leaked employee information was almost certainly culled from old breaches. So who did it, and why?
A lawsuit seeking class action status has been filed against Atlanta-based Aveanna Healthcare in the wake of a 2019 data breach at the pediatric home healthcare provider that affected more than 166,000 individuals.
Jeremy Grant has spent more than two decades championing the cause of secure digital identities. But as the COVID-19 pandemic has created a remote workforce of unprecedented scale seemingly overnight, are current approaches to securing the identity management and attestation practice up to the challenge?
A former administrative employee of a medical marijuana clinic and several other clinics was recently sentenced to serve time in federal prison after pleading guilty to identity theft and wire fraud. The case illustrates the potential risks posed by employees inappropriately using personal devices.