keywords:bank information security, banking information security, bank regulations, bank information security regulations, information security, information security white papers, information security webinars, information security articles, information security news, information security events, fdic, fincen, gao, authentication, glba, sarbanes oxley (sox), identity theft, phishing, risk management, anti-money laundering
description:BankInfoSecurity.com is your source for banking information security related content, including fraud, ID theft, risk management, emerging technology (authentication, cloud computing, mobile banking, social media), as well as the latest regulations and anlysis on current topics.
https://www.bankinfosecurity.com/ TRENDING: Cybersecurity Summit France: 23-24 Nov. Fireside Chat: 12/14 | State of Software Security: The Costly Risks of Open Source Code U.S. Vice President Kamala Harris announced this week that the U.S. will join an 80-nation cyber pact. (Photo: Gage Skidmore via Flickr) VP Kamala Harris: US Will Join 80-Nation Cybersecurity Pact
Dan Gunderman November 11, 2021
The U.S. has joined an 80-nation agreement that sets collective goals for cyberspace, with a particular focus on internet integrity, electoral security, intellectual property theft, use of malign hacking tools and more. Vice President Kamala Harris confirmed U.S. entry into the multistate pact.
Blockchain Cryptocurrency
SEC's Crenshaw: Transparency, Pseudonymity Top DeFi Issues
Cybercrime
Dridex Banking Malware Turns Up in Mexico
Blockchain Cryptocurrency
US Treasury Blacklists Cryptocurrency Exchange Chatex
Breach Notification
Robinhood Reveals Data Breach and Extortion Shakedown
Cybercrime
REvil Ransomware Suspects Snared in Global Police Crackdown
Cybercrime
Feds Post $10 Million Reward for DarkSide Ransomware Actors
3rd Party Risk Management
US Commerce Department Blacklists Israeli Spyware Firms Latest Application Security Zoom Patches Multiple Vulnerabilities
Prajeet Nair November 13, 2021
Cloud video conferencing provider Zoom has released patches for multiple vulnerabilities in its product that could have allowed criminals to intercept data from meetings and attack customer infrastructure.
Critical Infrastructure Security US Department of Defense to Launch Zero Trust Office
Dan Gunderman November 12, 2021
In an effort to streamline the adoption of zero trust cybersecurity architectures, the U.S. Department of Defense in December will launch an office dedicated to zero trust. This announcement comes as federal agencies move to modernize following the SolarWinds cyberespionage campaign.
3rd Party Risk Management Pace of Cybercrime Evolution Is Accelerating, Europol Warns
Mathew J. Schwartz November 12, 2021
The top cybercrime threats facing organizations in Europe and beyond include ransomware affiliate programs, more sophisticated mobile malware and cryptocurrency-hawking investment fraud, among other types of crime, according to Europol's latest Internet Organized Crime Threat Assessment.
► Blockchain Cryptocurrency ISMG Editors: How Sustainable Is 'Work From Anywhere'?
Anna Delaney November 12, 2021
Four editors at ISMG discuss important cybersecurity issues, including law enforcement agencies' crackdown on ransomware operations, how banks are building their technology stacks to counter card fraud and whether the "work from anywhere" model is beneficial for employees in the long term.
Endpoint Security Firm Held Onto Palo Alto VPN Zero-Day for 11 Months
Jeremy Kirk November 12, 2021
A penetration testing company discovered a critical zero-day vulnerability in Palo Alto Networks' GlobalProtect VPN product but did not inform the company until about 11 months later. The situation stirred debate over whether that posed unnecessary risks.
Business Continuity Management / Disaster Recovery Feds' Ransomware Smackdown: Attackers' Days Numbered?
Anna Delaney November 12, 2021
The latest edition of the ISMG Security Report features an analysis of the progress made by law enforcement agencies in the effort to crack down on ransomware. Also featured: Evil Corp banking malware still active; XDR market trends.
Application Security Flaws Allow Unlimited Purchases on Apple, Samsung, Google
Prajeet Nair November 11, 2021
Vulnerabilities in Apple Pay, Samsung Pay and Google Pay allow attackers to make unlimited purchases using stolen smartphones enabled with express transport schemes, according to a research report from Positive Technologies. These findings were presented at Black Hat Europe this week.
► Access Management Cybersecurity Leadership: Cut Through the Zero Trust Hype
Tom Field November 11, 2021
Zero Trust: Is it the operational model that's going to propel us into a more secure future? Or just another marketing message to be tossed onto the pile of past campaigns? In this latest Cybersecurity Leadership panel, the top minds in the sector weigh in on the present and future of Zero Trust.
3rd Party Risk Management Risk Quantification 101: Communicate Risk in Dollars and Cents
Information Security Media Group November 9, 2021
In this video, LogicGate and Protiviti explores the fundamentals of risk quantification and highlight how the practice empowers you to leverage the power of risk confidently and strategically.
3rd Party Risk Management Feds Offer $10 Million Reward for REvil Ransomware Gang
Mathew J. Schwartz November 9, 2021
The calculus facing cybercrime practitioners is simple: Can they stay out of jail long enough to enjoy their ill-gotten gains? A push by the U.S. government and allies aims to blunt the ongoing ransomware scourge. But will practitioners quit the cybercrime life?
Breach Notification Infrastructure Bill Features $1.9 Billion in Cyber Funding
Dan Gunderman November 8, 2021
Congress has passed the $1.2 trillion physical infrastructure bill, which will inject $1.9 billion in new cybersecurity funding for the federal government. The bill, long held up in Congress, passed the House on Friday and moves to the desk of President Joe Biden, who plans to sign the measure into law.
3rd Party Risk Management NSA Reports: Espionage Group Breaches Critical Systems
Mihir Bagwe November 8, 2021
Threat actors have breached critical systems internationally by exploiting a recently patched vulnerability in Zoho’s ManageEngine product ADSelfService Plus, with a suspected Chinese threat group leveraging leased infrastructure to scan hundreds of vulnerable organizations.
More News More News Get Daily Email Updates
Covering topics in risk management, compliance, fraud, and information security.
Resources Live Webinar | Enforcing Least Privilege Access in AWS Cloud Infrastructure with CIEM Modern Blueprint to Information Protection Redefining Data Loss Prevention (DLP) The DLP Dilemma Report Frost ">Data Science Institute, Columbia University - New York, NY View Job Board Featured Events Virtual Cybersecurity Fraud Summit: France
November 23, 2021 @ 12:11 am EST
View All Events Around the Network Ransomware Warning: Are Businesses Stepping Up? Why Hive Attacks Are the Latest Menace to Healthcare Sector Teenage Cybercrime: Giving Young Hackers A Second Chance Deter Cybercriminals: Declare a Clear Response to Attacks Case Study: Intrusion Prevention, Detection in the Cloud Tackling Growing Pandemic Cyberthreats in Healthcare Feds' Ransomware Smackdown: Attackers' Days Numbered? Why Healthcare Entities Fall Short Managing Security Risk Pandemic Plus Ransomware Is 'Perfect Storm' for Healthcare Ransomware Gangs Are Not Infallible Subscribe Continue to site Operation Success! Join the ISMG Community Join the ISMG Community Need help registering?
Contact Support
Sign in to ISMG Don't have one of these accounts?
Create an ISMG account now
Create an ISMG account now
Need help registering? Contact support
Forgot Your Password? Already have an ISMG account?
Sign in now
Need help registering? Contact support
Forgot Your Password Message: Contact Us Already have an ISMG account?
Sign in now
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
BankInfoSecurity.com is your source for banking information security related content, including fraud, ID theft, risk management, emerging technology (authentication, cloud computing, mobile banking, social media), as well as the latest regulations and anlysis on current topics.