Audit Finds More Security Vulnerabilities at IRS

Encryption & Key Management , Endpoint Security , Fraud Management & Cybercrime GAO Makes More Security Recommendations; IRS Now Has 127 Issues to Resolve Akshaya Asokan (asokan_akshaya) • July 19, 2019     (Photo: Joshua Doubek via Wikicommons/CC) The Internal Revenue Services’ internal financial reporting systems and IT infrastructure have 14 new security vulnerabilities, along with a long list of previously unresolved deficiencies, according to the U.S. Government Accountability Office….

July 22, 2019
Read More >>

Phishing Attack Aimed at Stealing Payroll Deposits

Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management Healthcare System’s Procedures Helped Prevent the Crime Marianne Kolbasuk McGee (HealthInfoSec) • July 19, 2019     Hackers attempted to divert payroll direct deposits of Wise Health System employees. A Texas-based healthcare system says hackers unsuccessfully tried to divert employee payroll direct deposits through a phishing attack that also potentially exposed patient data. The incident illustrates how business processes can…

July 20, 2019
Read More >>

BEC Scams Cost U.S. Companies $300 Million Per Month: Study

Business Email Compromise (BEC) , Fraud Management & Cybercrime , Fraud Risk Management Treasury Department Says an Average of 1,100 Businesses Scammed Each Month Scott Ferguson (@Ferguson_Writes) • July 19, 2019     Business email compromise scams are surging, and they’re costing U.S. companies a total of more than $300 million a month, according to a recently released analysis by the U.S. Treasury Department. Manufacturing and construction firms are the…

July 20, 2019
Read More >>

New Audit Finds More Security Vulnerabilities at IRS

Encryption & Key Management , Endpoint Security , Fraud Management & Cybercrime GAO Makes More Security Recommendations; IRS Now Has 127 Issues to Resolve Akshaya Asokan (asokan_akshaya) • July 19, 2019     (Photo: Joshua Doubek via Wikicommons/CC) The Internal Revenue Services’ internal financial reporting systems and IT infrastructure have 14 new security vulnerabilities, along with a long list of previously unresolved deficiencies, according to the U.S. Government Accountability Office….

July 19, 2019
Read More >>

Researchers Trick Cylance Into Giving Malware a Pass

Endpoint Security WannaCry, SamSam Skirt Past Cylance’s Protect Product, Skylight Cyber Reports Jeremy Kirk (jeremy_kirk) • July 19, 2019     An Australian cybersecurity company says it tricked BlackBerry’s Cylance Protect anti-virus product into believing that some of the most pernicious types of malware, including WannaCry and the SamSam ransomware, were benign programs. See Also: Webinar | Key Trends in Payments Intelligence – Machine Learning for Fraud Prevention Skylight Cyber…

July 19, 2019
Read More >>

Huawei Question Must Be Answered by New UK Prime Minister

Delay is Damaging International Relationships, Parliamentary Committee Warns Mathew J. Schwartz (euroinfosec) • July 19, 2019     London’s 10 Downing Street is the headquarters and residence of Britain’s prime minister. (Photo: Sergeant Tom Robinson RLC/MOD via OGL v1.0) On the list of unanswered questions in Britain, the country’s pending “Brexit” from the EU surely comes up top. See Also: Webinar | Beyond Managed Security Services: SOC-as-a-Service for Financial Institutions…

July 19, 2019
Read More >>

Phishing Scheme Targets Amex Cardholders

Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Akshaya Asokan (asokan_akshaya) • July 18, 2019     Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. In these incidents, attackers are sending a hyperlink as part of a phony account update to access the victim’s credentials and other account details, Virginia-based security firm Cofense disclosed this week. Researchers stumbled across…

July 19, 2019
Read More >>

Tesla Vulnerability: A Bounty Hunter’s Tale

The latest edition of the ISMG Security Report describes the accidental discovery of a Tesla software vulnerability. In this report, you’ll hear (click on player beneath image to listen): ISMG’s Jeremy Kirk describe how a 19-year-old bounty hunter discovered the software bug in his Tesla; ISMG’s Mathew Schwartz analyze the very latest ransomware trends; Former federal advisers Richard Clarke and Robert Knake, the co-authors of a new book, discuss a…

July 19, 2019
Read More >>

New Phishing Scheme Targets Amex Card Holders

Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Akshaya Asokan (asokan_akshaya) • July 18, 2019     Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. In these incidents, attackers are sending a hyperlink as part of a phony account update to access the victim’s credentials and other account details, Virginia-based security firm Cofense disclosed this week. Researchers stumbled across…

July 18, 2019
Read More >>