One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks. But a number of cybercrime markets sell such access, in some cases for as little as 50 cents.
Scotland's Arran Brewery fell victim to a Dharma Bip ransomware attack that infected its Windows domain controller and crypto-locked files and local backups, leading to the loss of three months' worth of sales data. The brewery refused to pay the attackers' two bitcoin ransom demand.
Credit bureau Equifax has been hit with the maximum possible fine under U.K. law for "multiple failures" that contributed to its massive 2017 data breach, including its failure to act on a critical vulnerability alert issued by the U.S. Department of Homeland Security.
The latest edition of the ISMG Security Report features an analysis of a new Government Accountability Office report on the causes of last year's massive Equifax breach. Also: An update on the role of tokenization in protecting payments.
Timing incident response actions correctly helps with rapid remediation and enables taking full control of the environment, says Mandiant's Steven D'sa.
IT teams at regional banks and credit unions are stretched thin. They're expected to meet compliance obligations while simultaneously taking care of cyberthreats. This is particularly true for mid-sized institutions without resources dedicated to security or compliance, putting them at risk.
What options do...
Ransomware. Phishing. Credential stuffing. These are among the top threats to financial institutions of all sizes. But small-to-midsized ones are particularly challenged to detect and respond to threats. Arctic Wolf's Todd Thiemann discusses the value of managed detection and response.
The cost of the city of Atlanta's mitigation and subsequent IT overhaul following a massive SamSam ransomware infection in March could reach $17 million, of which $6 million has already been budgeted for new devices, security enhancements as well as upgrades, according to news reports.
Cloud-based CRM giant Salesforce.com is warning some of its Marketing Cloud users that any data they stored may have been accessed by third parties or inadvertently corrupted because of an API error that persisted for six weeks.
Weapons and attack capabilities that were previously only observed in large-scale nation-state operations are now falling into the hands of the masses. Today's attackers are more sophisticated, and capable of exploiting weaknesses at previously unseen speed and scale.
Download this white paper and learn:
The...
A financial services company with responsibility for protecting sensitive customer data lacked centralized visibility into alerts, had limited expertise to triage, prioritize, and escalate incidents, and spent significant time generating customized financial compliance reports.
After deciding not to build their own...
Even companies in full compliance of industry regulations get exploited. In truth, seeking to become impenetrable is admirable but entirely unrealistic. Now is the time to shift from "check box compliance" to risk-based security defenses that rely on incident response.
Download this brief and learn how to:
Combine...
PCI-DSS mandates all organizations that accept, transmit, process and store cardholder data must continuously monitor and safeguard all sensitive customer information.
Download this brief and learn how to:
Simplify compliance reporting;
Create custom reports to meet your business needs;
Find the right balance...
The FFIEC/NCUA guidance and supervision affects federally supervised financial institutions and their holding companies. However, complying with FFIEC/NCUA guidance can challenge financial institutions that have limited resources.
Download this brief and learn how to:
Simplify FFIEC/NCUA compliance with custom...
Nefarious hackers, cybercriminals and bad actors seek means, pathways and vulnerabilities to gain unauthorized access to a computer device or network for exploitation purposes.
Download this eBook and learn:
How to protect against the top 5 most common attack vectors;
Why you should focus on detection and...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.
