The words “data breach” are often met by a clamor whenever they make headlines. Home Depot, Target, Ashley Madison, Heartland, Citibank, the list goes on and on. These breaches spent time in the limelight because of their magnitude; they affected hundreds of thousands – in some cases millions – of cardholders.Continue
Added by Steven Minsky on July 28, 2016 at 10:00pm — No Comments
Hackers bank heavily on tricking people into doing things that they shouldn’t: social engineering. A favorite social engineering ploy is the phishing e-mail.
How a hacker circumvents two-factor authentication:
Added by Robert Siciliano on July 28, 2016 at 4:28pm — No Comments
When I was a wee kid working on a group project, we would always ask “Who is going to be the colour-ineror? Well just last week a friend of mine reminded me of the term when I was listing support functions that sometimes struggle to make a difference to the business.
I was listing finance, HR, IT, risk, compliance, audit and then said, “Even people in sexier functions like in marketing.” … BANG, she pounced. “You mean the colouring-in department!” In her experience working on…Continue
Added by Bryan Whitefield on July 28, 2016 at 3:40am — No Comments
Looks like there’s some worms in Apple.
Not too long ago, dozens and dozens of iPhones were stolen from two Apple stores. How could this happen, what with Apple’s security? Simple: The thieves wore clothes similar to Apple store employees and obviously knew the innards of the stores.
They sauntered over to the drawers that held the new phones, acting nonchalant to avoid attracting attention. In…Continue
Added by Robert Siciliano on July 26, 2016 at 4:07pm — No Comments
A ransomware attack is when your computer gets locked down or your files become inaccessible, and you are informed that in order to regain use of your computer or to receive a cyber key to unlock your files, you must pay a ransom. Typically, cybercriminals request you pay them in bitcoins.
The attack begins when you’re lured, by a cybercriminal, into clicking a malicious link that downloads malware, such as CDT-Locker. Hackers are skilled at getting potential victims…Continue
Added by Robert Siciliano on July 22, 2016 at 4:18pm — No Comments
The Dark Web, according to LeakedSource, got ahold of 33 million Twitter account details and put them up for sale. Twitter thus locked the accounts for millions of users.
Twitter, however, doesn’t believe its servers were directly attacked. So what happened? The bad guys may have created a composite of data from other breached sources. Or, they could have used malware to steal passwords off of devices.
Nevertheless, the end result meant that for many Twitter…Continue
Interview with Marsha Hopwood, Director, Operational Risk Management and Risk Governance, Allianz Life
New rules and regulations have proliferated across the financial sector, with no end seemingly in sight. Along with fast-paced technology, stirring more competitive pressures than ever; it is essential for banks and financial institutions to instill sound management to properly oversee and control heightened risks.
Marsha Hopwood, Director, Operational…Continue
Added by marcus evans N.A. Conferences on July 20, 2016 at 3:40pm — No Comments
Interview with Erin Straits, Senior Vice President, Director, Vendor Risk Management, Fifth Third Bank
Third party risk management continues to grow as an area of increasing concern for institutions, as the increased digital environment and several high profile incidents highlight the importance of strong third party risk practices. Despite strong advances in this area, institutions still need to further enhance their third party programs to ensure they add value to…Continue
Added by marcus evans N.A. Conferences on July 20, 2016 at 3:36pm — No Comments
If you’ve heard this once, you need to hear it again—and again: Never use the same password and username for more than one account!
If this got Mark Zuckerberg’s (Facebook’s chief executive). Twitter account hacked, it can get just about anybody hacked.
A report at nytimes.com says that the OurMine hacking group takes credit for busting into Zuckerberg’s accounts including LinkedIn and Pinterest. It’s possible that this breach was cultivated by a repeated…Continue
Added by Robert Siciliano on July 19, 2016 at 4:06pm — No Comments
An impostor posed as Lorrie Cranor at a mobile phone store (in Ohio, nowhere near Cranor’s home) and obtained her number. She is the Federal Trade Commission’s chief technologist. Her impostor’s con netted two new iPhones (the priciest models—and the charges went to Cranor) with her number.
In a blog post, Cranor writes: “My phones immediately stopped receiving calls.” She was stiffed with “a large bill and the anxiety and fear of financial injury.”
Added by Robert Siciliano on July 14, 2016 at 4:37pm — No Comments
Cyberweapons are a constant and evolving threat to society. They have the potential to shut down entire electric power grids and bring companies to their knees. Securing networks against the threat is possibly the most pressing priority, and the cybersecurity market is expected to grow from $75 billion in 2015 to $170 billion by 2020 as a result.
One of most pressing priorities for companies in ensuring cybersecurity is what seems to amount to a massive talent shortfall. Current…Continue
Added by Lauren Ravary on July 14, 2016 at 12:57pm — No Comments
I recently had one of the most cathartic conversations of my career. It was with a senior internal advisor who is now in audit but has held all kinds of roles in the organisation so he gets what support functions do, why they do it and, much to his chagrin, how they do it.
The organisation in question is doing something that many organisations do, changing from A to B after they changed from B to A say five years ago after changing five years before from A to B, you get the picture.…Continue
It’s all about code—the building blocks of the Internet. Software code is full of unintentional defects. Governments are paying heavy prices to skilled hackers who can unearth these vulnerabilities, says an article at nytimes.com.
In fact, the FBI director, James B. Comey, recommended that the FBI pay hackers a whopping $1.3 million to figure out how to circumvent Apple’s iPhone security.
So driven is this “bug-and-exploit trade market,” that a bug-and-exploit…Continue
Added by Robert Siciliano on July 12, 2016 at 4:22pm — No Comments
Added by Enrique Raul Suarez on July 10, 2016 at 4:37pm — No Comments
Get an account with TeamViewer, and you will have a software package that enables remote control, online meetings, desktop sharing and other functions between computers.
But recently, customers of TeamViewer have reported remote takedowns of their computers that resulted in different forms of monetary theft, such as bank accounts being cleaned out.
The cyber thieves controlled the victims’ computers via their TeamViewer accounts. Customers would witness their…Continue
Added by Robert Siciliano on July 8, 2016 at 4:09pm — No Comments
Added by Enrique Raul Suarez on July 5, 2016 at 10:54pm — No Comments
Root cause analysis (RCA) is the process of finding the event or condition that leads straight to an occurrence (another event). It is a systematic procedure used to identify the principal possible cause of risk. In risk-based management, root cause…Continue
Added by RUFRAN C. FRAGO on July 1, 2016 at 9:14pm — No Comments
Do You Know Who you Are? Key Questions to Answer
Added by Enrique Raul Suarez on July 1, 2016 at 5:50pm — No Comments
In 2015, depending on the kind and type of identity theft we are talking about, identity thieves impacted 1.5 million people or more, says the Javelin Strategy & Research report. That’s more than double than for 2014.
The move from stripe cards to chip cards has motivated crooks to fasten their seatbelts and really take off with an accelerated mode of operation. For them, your Social Security Number is the pot of gold at the end of the rainbow. Thieves will use…Continue
Added by Robert Siciliano on July 1, 2016 at 4:36pm — No Comments
"Imagine a new European community and eventually planetary community will develop, replacing the centralized power systems with an alliance of interconnected…Continue
Added by Enrique Raul Suarez on July 1, 2016 at 3:02am — No Comments