In 2014, the Department of Defense (DoD) introduced the Risk Management Framework (RMF) to help federal agencies better manage the many risks associated with operating an information system. To help agencies that need to implement RMF get up and going, Splunk offers a cost effective, flexible and integrated...
A key disconnect exists between awareness of financial services fraud schemes and mitigation, according to the latest "Faces of Fraud" survey sponsored by Appgate. Mike Lopez, vice president at the firm, describes some key findings.
Among the top issues being discussed at the RSA 2020 conference this week is the need for more cybersecurity collaboration between government agencies and the private sector. Here are some interview highlights.
A business email compromise group targeting U.S. businesses is using G-Suite for their scams and collecting money through physical checks instead of wire transfers, according to the security firm Agari.
The U.S. Census Bureau has not done enough to address cybersecurity issues in preparation for the 2020 census, which is slated to begin in April, according to a new report from the Government Accountability Office.
As the coronavirus generates headlines around the world, cybercriminals are continuing to use this public health crisis to spread phishing emails and create malicious domains for a variety of fraud. Here's an update on the latest developments.
Account Takeover is one of the biggest threats that banks are facing today. With 3.8 billion data records compromised worldwide in 2018, it is evident that despite implementation of cybersecurity measures, digital channels remain vulnerable. Adversaries have a variety of weapons at their disposal, which makes...
Cybercriminals targeted mobile banking users by sending malicious SMS messages to their smartphones as part of a phishing campaign to steal account holders' information, including usernames and passwords, according to the cybersecurity firm Lookout.
The U.S. Cybersecurity Infrastructure and Security Agency has released its cybersecurity plan for the run-up to the 2020 presidential election, outlining the agency's role as a facilitator that will assist federal, state and local agencies in protecting critical election infrastructure.
Google has removed 500 Chrome extensions from its online store after researchers found that attackers were using them to steal browser data, according to a new report from security firm Duo Security. The thefts were part of a malvertising campaign that had been active for at least a year, the researchers say.
Time for a fresh edition of "learn from how others get breached" focusing on Equifax. The goal is not blame, but rather to highlight specific missteps so others can avoid making the same mistakes. The Equifax breach offers a plethora of takeaways to help organizations better repel attackers.
Security researchers have found that the developers of the Emotet Trojan have created a new way to spread it to more victims - attackers are using unsecured WiFi networks as a way to deliver the malware to more devices.
Indian banks are again facing a fraudster field day, as cybersecurity firm Group-IB warns that the notorious Joker's Stash carder forum is listing more than 460,000 stolen Indian credit and debit cards for sale as "fullz," meaning they include personally identifiable information.