The Anthem breach, which possibly started with a phishing campaign, is a prime example of how hackers are perfecting their schemes to target key employees who have access to valued information, says Dave Jevans of the Anti-Phishing Working Group.
PINS can effectively reduce card-not-present as well as card-present fraud, argues Liz Garner of the Merchant Advisory Group, who will be a featured speaker at Information Security Media Group's upcoming Fraud Summit Los Angeles.
Anthem believes that the breach that has exposed up to 80 million individuals' information possibly began after a handful of employees fell victim to a phishing attack. Other attackers appear to be using the breach as a lure for their own phishing campaigns.
As a result of the explosive growth in worldwide use of smart phones, mobile malware will play a much bigger role in fraud this year, predicts Daniel Cohen, a threat researcher for RSA, which just released its 2014 Cybercrime Roundup report.
An upcoming series of summits on fighting financial fraud and mitigating advanced persistent threats will provide timely insights from industry thought leaders on the critical steps to take to address emerging risks.
While there's anecdotal evidence that the NIST cybersecurity framework is proving helpful to businesses in their risk management efforts, there's not yet any measureable proof of its success at preventing damaging cyber-attacks.
Russian and European malware and spam purveyors have been hijacking Internet routes. Pending a massive infrastructure upgrade, security experts warn that such attacks can be detected, but not easily blocked.
Visa executive Kimberly Lawrence contends that the ongoing U.S. migration to EMV is progressing more rapidly than in other markets that have made the transition, requiring outside-the-box rules for debit transactions and cardholder verification.
Hackers posing as women on Skype tricked Syrian opposition fighters into infecting their systems with malware, which furnished the hackers with "valuable insight into military operations," according to a new report from cybersecurity firm FireEye.
Even a few weeks after the RBI announced its plan to consider removal of the two-factor authentication requirement for small-value transactions, security critics continue to react strongly against the notion.
Lawmakers are more serious than ever about cybersecurity legislation. Their intent is to enact, but can they compromise on legislation to share cyberthreat information and nationalize data breach notification?
In the wake of an "inebriated" government employee crashing a drone on the White House lawn, federal officials sound warnings over the potential weaponization of consumer drones. But is it anything more than a Hollywood-style movie plot?