Networking giant Fortinet warns that more products than it initially suspected have a hardcoded password that attackers could abuse to remotely gain backdoor access to vulnerable devices. But why did the flaws take so long to be found?
Security experts are warning that Chinese networking product manufacturer TP-Link has been shipping routers with a WiFi password that's based on their MAC address, thus making their passwords easy for would-be attackers to sniff.
Why do we continue to be so stupid about how we use passwords? A review of 2015 data breaches finds that it's not just users of infidelity websites who remain reckless with their password choices.
Today's cybercriminals are aware of the fraud prevention technologies deployed by most financial institutions, and they design attacks to circumvent these controls. Transaction anomaly detection and device ID approaches can be highly inaccurate, generating a large number of false positive alerts that can overwhelm IT...
Dell's announcement that it plans to purchase storage maker EMC for a mind-boggling $67 billion does not make clear the fate of EMC's information security unit, RSA. Analysts believe Dell has not yet determined whether RSA fits into its long-term plans or should be sold or spun off.
Defeating biometrics-based security with far-fetched schemes, such as stealing or replacing eyeballs and fingertips, is a recurring theme in the movies. But real-world advances in authentication will help make it difficult to circumvent real-world security.
The severity of the U.S. Office of Personnel Management breach continues to grow, with investigators now reporting that hackers stolen 5.6 million people's fingerprint data. The theft may have security implications well into the future.
For years, information security experts have been warning users to create complex, unique passwords, and organizations to secure them properly. But an analysis of 12 million cracked Ashley Madison passwords shows how much we're still failing.
The act of prevention is dead. The new mandate for CISOs is to quickly detect anomalous behavior in the networks to be able to respond quickly to breaches and combat threats, says RSA's director, Kartik Shahani.
The U.S. payments infrastructure will come up far short of completing the rollout of EMV technology by the Oct. 1 fraud liability shift date. Experts say high costs, a perceived lack of consumer demand and doubts about EMV's ability to significantly reduce card fraud are to blame.
The FBI estimates fraud losses linked to so-called business email compromise scams worldwide have exceeded $1.2 billion in less than a year. But some financial fraud experts say the losses from this largely overlooked threat could be even higher.
Extortionists and "free agent" rogue insiders have emerged as the top two most malicious cybercrime threats to banking institutions, says Gartner's Avivah Litan. How should institutions bolster their defenses?
The Internal Revenue Service says cyber thieves may have accessed as many as 334,000 taxpayer accounts in a breach of its Get Transcript system, far more than the 114,000 accounts it originally estimated in May.
Visa's Eduardo Perez says one of the key merchant vulnerabilities his company is most concerned about is weak remote-access controls for point-of-sale systems and devices. He offers risk mitigation advice in this exclusive interview.
EMV Here We Come. Now that the U.S. has finally embraced secure-in-person transactions with EMV, we'll examine how the transition and the rollout will affect the rate of card-not-present (CNP) fraud and other online transactions. Join our panelists as we discuss such topics as how fraudsters will exploit the CNP...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.