Security News
Some companies have argued that narrowing the scope of the CFAA would not be damaging to security programs if companies are already contracting security services, including crowdsourced programs like bug bounty. One company received pushback from the information security community when it accused MIT security researchers of acting in "Bad faith" by identifying vulnerabilities in its mobile app.
Researchers are detailing widespread security issues in point-of-sale terminals - specifically, three terminal device families manufactured by vendors Verifone and Ingenico. The issues, which have been disclosed to the vendors and since patched, open several popular PoS terminals used by retailers worldwide to a variety of cyberattacks.
The risk of identity fraud has increased significantly with attacks occurring more frequently since the start of the pandemic, Onfido reveals. Over the past 12 months, the average identity document fraud rate increased by 41% over the previous year as first-time fraudsters appear to be more prevalent, likely due to increased economic hardships during the pandemic.
A report released Tuesday by identity verification firm Onfido looks at the increase in ID fraud since the outbreak of COVID-19 and offers tips on how to protect your organization, your users, and your customers from this type of crime. To compile its "Identity Fraud Report for 2020," Onfido teamed up with criminal police organization Interpol to analyze different fraud techniques.
The agency joins a chorus of security professionals that have concerns about widespread attacks on the COVID-19 vaccine rollout. "The detection of a fake influenza vaccine confirms that criminals seize opportunities as soon as they present themselves," the Europol warning read. "Owing to the pandemic, the demand for the influenza vaccine has been higher than usual and there risks being a shortage. Criminals have reacted quickly by producing counterfeit influenza vaccines. The same scenario is also likely to happen when COVID-19 vaccines do become available."
There's a 1% decrease in suspected online retail fraud worldwide during the start of the 2020 holiday shopping season compared to the same period in 2019, a 59% increase from the same period in 2018 and a 14% increase from all of 2020 so far, TransUnion research reveals. The concern is relatively uniform across generations, though Gen X are the most worried about being victimized at 53%. Heading into the holiday shopping season, the study conducted from Oct. 28 to Nov. 5, 2020 found 37% of 9,515 consumers surveyed globally said they had been targeted by digital fraud related to COVID-19, a 28% increase from the same survey the week of April 13, 2020.
RSA announced Reed Taussig has joined RSA as CEO of the RSA Anti-Fraud Business Unit. As a privately-owned independent business, RSA is one of the largest pure-play providers of solutions for risk, security and anti-fraud teams and host of the world's largest cybersecurity conference: RSA Conference.
With different types of solutions approaching the fraud problem space from different angles, it's worth asking the question: What problem or problems are we actually trying to solve with this class of solutions? To my knowledge, enterprises are most often interested in reducing fraud losses. While these may seem like legitimate techniques, they don't actually reduce fraud losses.
Aerospike announced that it provides its Cloud Managed Service to Experian CrossCore integrated digital identity and fraud risk platform. Experian's CrossCore is an identity and fraud risk platform that consolidates and orchestrates numerous fraud risk signals into a single, holistic assessment to improve operational processes, stay ahead of fraudsters, and protect customers.
"The traditional processes that banks and other financial institutions employ are a bit resource-intensive and often those processes are manual so they've innovated to add some software modeling in an attempt to draw inferences from patterns that they see in their transactions and in their operations to help inform a potential theft, fraud or money laundering," said Michael Reed, director of the Blockchain Program at Intel. "But even those have high false-positive rates which can be disruptive to their customer relationships and also just cost them more time and money in their operations. Confidential computing is a new tool that banks and other corporations are using to help address their own security challenges. It's an emerging technology that helps secure data while it's in use."