When the Commonwealth of Pennsylvania suffered a major security breach a few years back, vulnerabilities in a Web application were to blame. CISO Erik Avakian explains how the state developed a process to correct flaws in application code.
The scheme allegedly involved insiders recruited by fraudsters to steal information about more than 200 individuals and organizations. How can institutions improve background screening and prevent fraud?
Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012.
The plan identifies opportunities to engage the private sector in activities for transitioning promising R&D into practice. It prioritizes the development of a "science of security" to derive first principles and the fundamental building blocks of security and trustworthiness.
The Federal Deposit Insurance Corp. is warning its banks about another strand of phishing attacks purporting to come from the FDIC. The e-mails claim to offer critical information about business bank accounts.
Law enforcement officials say a New York crime ring defrauded TD Bank of more than $450,000 in a check fraud scheme. What loophole did the fraudsters find to run this scam, which went undetected for nearly two years?
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
Calif.-based grocer Save Mart confirms dozens of reports by employees and customers about account compromises linked to the merchant's recent breach. Are these incidents linked to a larger, organized crime ring?