Mobile-only banking app Dave has suffered a data breach that exposed personal details for at least 3 million users. But the fintech startup says no account information was exposed, and there are no signs of fraud. Dave says the incident traces to credentials stolen from Waydev, a third-party service provider.
The latest edition of the ISMG Security Report analyzes the hacking of high-profile Twitter accounts. Also featured: Addressing security when offices reopen; the role of personal protective equipment, or PPE, in money laundering during the pandemic.
A group of spoofed cryptocurrency trading apps is targeting devices running macOS to install malware called Gmera, security firm ESET reports. The malware can steal users' data as well as their cryptocurrency wallets.
Synopsys is a Leader in Gartner's Magic Quadrant for Application Security Testing (AST) for the fourth year in a row. Based on their ability to execute and their completeness of vision, they are positioned hightest and furthest right in the leaders Quadrant.
Download the full report to learn more:
Don't forget to lock down online shared code repositories, as Mercedes-Benz parent company Daimler AG learned the hard way after a researcher was able to access nearly 9 GB of software development documentation from a misconfigured GitLab repository.
A recent phishing campaign bypassed multifactor authentication protections within Microsoft Office 365 to steal users' credentials stored in the cloud or launch other attacks, according to the security firm Cofense.
Dave DeWalt, former CEO of FireEye and McAfee, has been appointed vice chair of the board of Onapsis, a vendor focused on securing business-critical applications. In this exclusive interview, DeWalt opens up on application vulnerabilities, the evolution of the nation-state threat and technologies to watch in 2020.
Hackers appear to have accessed a new mobile payment app for 7-Eleven customers in Japan, taking about $500,000 from 900 customers over several days. Poor passwords and authentication designs by the company are likely to blame, according to media reports.
Just days after Drupal warned of a "highly critical" flaw in its web services modules, hackers came calling, exploiting the content management system vulnerability to install cryptocurrency miners and other malicious software on sites, security experts warn.
The new India Post Payments Bank will take banking to the doorstep by using India's mammoth network of post offices. Postmen will perform digital transactions on their phones. That's raising concern among security leaders, who recommend adopting defense-in-depth security.
The damage done by fraud and abuse isn't always easy to quantify. But getting clear on the numbers will help you understand the health of your business, measure your success, get buy-in for resources, and measure the effectiveness of your fraud tools.
Download this worksheet to learn more about:
The various types...
As of January 1, 2018, all SWIFT customers must self-attest to their compliance with the new SWIFT Customer Security Program (CSP). The program is designed to respond to the wave of cybercrime targeting SWIFT installations that began with the Bank of Bangladesh breach back in February 2016 and has swept across the...
The browser is the window to the web. But what's going in the background during that browsing is opaque to most users. A new experiment shows how the computing power of tens of thousands of computers could be unknowingly harnessed to crack passwords, harvest cryptocurrencies or conduct DDoS attacks.