It’s called ATM cash-out fraud, and it’s a new data security threat where physical attacks and cyberattacks converge. Earlier this year, federal regulators warned financial institutions against criminal attacks on their ATM systems. But instead of breaking into the physical machines directly, some criminals are now aiming at the bank systems that control the machines. […]
New Cyberattacks Aim for ATM Management Systems Read More »
There’s a dramatic shortage of qualified information security professionals in the industry today. Globally, we’re a million people short, according to Cisco’s 2014 Annual Security Report. According to Ponemon’s 2014 IT Security Jobs Report, 36 percent of staff positions and 58 percent of senior staff positions in IT security went unfilled in 2013. The majority
5 non-traditional hiring tips for InfoSec Read More »
This summer, Facebook finalized its $2 billion purchase of Oculus VR, a virtual reality headset maker. The purchase promises to usher in a new era for virtual reality-more immersive, lower cost and simply more usable than ever before. In fact, even though the Oculus Rift and similar devices have not hit the market yet, companies
The Real Risks of Virtual Reality Read More »
Just because your community bank isn’t one of the giants of the financial industry doesn’t mean it’s off the target list of today’s proliferating cybercriminals. But that doesn’t mean that community banks with limited resources have to go out and start spending large sums of money on IT and data security, experts agree. “Focus on
Back to Basics: IT security routines that won’t break the budget Read More »
Multifactor authentication, the process of using more than one method or system to confirm the identities of consumers online, has been around for years. But recent regulatory guidelines, increasing criminal activity, lower costs and growing consumer acceptance have combined to bring the technology into the process for community banks more than ever before. “The fact
Multifactor Momentum Read More »
This year has been the best of times and the worst of times for open source code and security. On the one hand, the latest survey by Black Duck Software and North Bridge Venture Partners shows that 72 percent of industry professionals prefer open source software because it’s more secure than proprietary solutions. On the
Tools catch security holes in open source code Read More »
Women make up just 11 percent of information security professionals. Just increasing that number to 22 percent would solve the industry’s staffing shortage problem. Unfortunately, at most companies, the recruitment process is designed to attract the kind of people who already work there. Changing that requires conscious effort. Here are some tips that might help.
10 tips to attract women to infosec jobs Read More »
While there are plenty of standardized methods for penetration testing that we’re all familiar with, the bad guys aren’t sticking to traditional methods for their attacks anymore. So it’s time for the good guys to start thinking outside the box, too: here are a few creative methods to pen test your organization and see
How to get creative with your penetration testing Read More »
It’s hard to imagine a company these days that isn’t using open source software somewhere, whether it’s Linux running a company’s print and web servers, the Firefox browser on user desktops, or the Android operating system on mobile devices. In, fact, there are now more than a million different open source projects, according to Black
Open source pitfalls — and how to avoid them Read More »
Security professionals have long been running penetration tests against their firewalls and other security systems to find weaknesses that need to be addressed. The Common Vulnerability Scoring System is an industry standard, but has been around for a while. The bad guys, however, aren’t limiting themselves to the traditional perimeter attacks anymore. They’re using spear
You Need to Get Creative With Pen Testing. Here’s How to Do It. Read More »
Cover story These days, there’s no shortage of new business technologies and new threat vectors to the enterprise. But what many companies forget is that old technologies pose risks as well, and those risks aren’t going away. In fact, as your legacy systems continue to get more out-of-date while the world around them continues to
Forgotten risks hide in legacy systems Read More »
Even as women have made dramatic advances in medicine, law, and other fields, the proportion of women pursuing undergraduate degrees in the computer sciences has actually been dropping, from around 30 percent in 1990 to 18 percent in 2010, according to the latest data from the National Science Foundation. As a result, according to the
Info sec industry still struggles to attract women Read More »
Whether you receive a phishing email inviting you to click on a specific link, whether you see the link on your trusted social media sites, or whether you stumble upon it while Web surfing, here are 10 types of links you should never click on. See slideshow at Network World.
Don’t click on these links Read More »
Phishers are upping their game, so end users need to respond accordingly Protecting yourself against phishing attacks used to be relatively easy. Don’t download unexpected attachments. Visit banking websites directly instead of clicking on links in an email. And look for bad grammar. Credit: wikimedia Those days are gone. Today, a phishing attack can come
How to stay one step ahead of phishing attacks Read More »
When Unisys CISO John Frymier came in to work on Friday, Sept. 6, the phones were ringing, and continued to ring all day. Customers were panicking over the news headlines of the day before. The NSA had cracked Internet encryption. The NSA was listening in to everything. European customers were especially concerned, he says. Read
Is open source encryption the answer to NSA snooping? Read More »
