Organizations need to take three important steps to protect the personally identifiable information that mobile apps collect, says Shivangi Nadkarni, CEO at Arrka Consulting.
Upscale supermarket chain Whole Foods Market says it's investigating a payment card breach affecting dozens of taprooms and an unspecific number of restaurants located inside its stores. But it says no point-of-sale systems at checkout lanes were compromised.
Fast-food chain Sonic Drive-In is investigating a potential breach involving customers' payment card data. Its alert follows a large, potentially related batch of stolen card data appearing for sale on a cybercrime "carder" marketplace called "Joker's Stash."
It's the age of "open banking," and that means changes for banking institutions and their customers - as well as for the fraudsters. Shaked Vax of IBM Security Trusteer talks about new vulnerabilities and anti-fraud strategies.
Dharshan Shanthamurthy, CEO of SISA Information Security Worldwide, discusses new ways of assessing the risks involved in online and mobile payments to help reduce fraud.
For the internet of things to become a business enabler in India, security considerations must be adequately addressed. So regulators have mandated that organizations take appropriate security steps.
Summit Credit Union of Wisconsin is seeking class-action status for a lawsuit against credit bureau Equifax. The credit union contends it will have to bear the fraud costs resulting from Equifax exposing a massive amount of U.S. consumer data in one of the worst data breaches ever seen.
A federal judge Tuesday dismissed three of six counts in a complaint filed by the U.S. Federal Trade Commission against IoT manufacturer D-Link that alleges its sloppy security practices deceived consumers. The FTC has until Oct. 20 to amend the complaint.
Many recent data breaches, including the Equifax incident, show that "applications are really the vulnerable entry point into organizations and ultimately to organizations' data," says Alex Mosher of CA Technologies.
Equifax has yet to describe how its site was breached, except to blame a vague "U.S. website application vulnerability." But some security experts suspect that an unpatched flaw in Apache Struts, fixed by Apache in March, might have been exploited.
The Singapore arm of AXA Insurance Group says a web application flaw exposed the personal data of thousands of insurance customers to hackers. Experts weigh in on what can be done to prevent such incidents.
A detailed analysis of the Equifax breach highlights the latest edition of the ISMG Security Report. Also, an update on Russia exploiting social media to influence the 2016 presidential vote.
Increased digitisation and adoption of digital banking channels have led to a sharp increase in incidents of mobile fraud, enhancing the challenges for the CISOs in securing these transactions, says Subhash Subramaniam, CISO of ICICI Bank.
What was perhaps the largest-ever botnet composed of infected Android devices has been disabled. The Wirex botnet cleverly used legitimate looking traffic for DDoS attacks against web services.
There's another option for governments trying to overcome the end-to-end encryption barrier: buy a zero-day software exploit. One prominent zero-day broker, Zerodium, has added encrypted messaging apps to its bounty list.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.