Visa has announced plans for a one-click payment system, or what it calls a “universal digital wallet,” to improve the online experience by simplifying the process of purchasing items across the Internet. While a single log-in and password will eliminate the burden of consumers having to re-enter personal and card information when buying items online or on mobile sites, as well as securely store their account information in one location, I’m not sure how much this answers critical questions around how financial institutions can better protect their networks and customers from a wave of new malware targeting bank accounts.
For example, last week security researchers said that the source code for one of the most notorious banking Trojans is now freely available over the Internet for any malware author interested in creating banking Trojans. In the article, “Zeus source code leaked means even more banking malware to hit the web,” the release of the complete source code for the Zeus botnet could open the floodgates for more complicated Zeus variants. With the Zeus kit available on several underground forums, Pierre-Marc Bureau, senior researcher at ESET, said this could lower the bar of entry for malware authors, giving even the most junior programmers free rein to create new Zeus variants. Continue reading this post…
In February, Dan Teal discussed here on WhiteSpace why today’s Mac users have to change their way of thinking when it comes to malware attacks. Once operating with the mindset that malware writers were only interested in Windows systems, Mac users need to understand that there is a new trend emerging. As the number of Mac users continues to steadily increase, cyber criminals are expanding the types of systems and platforms they target.
That message was reaffirmed this week in the Wall Street Journal. In the article, “Time For Mac Users To Think About Viruses,” Ben Rooney makes the point that Mac lovers should no longer feel smug about not getting viruses, or at the very least begin thinking about virus protection. Continue reading this post…
Cloud computing has certainly taken its share of hits lately. Last month’s Amazon outage created a lot of chatter and analysis around the reliability and availability of cloud-based services. Despite what pretty much amounts to growing pains for cloud computing, most everyone agrees that businesses will continue pursuing cloud services for the many cost and competitive advantages that the cloud promises.
The one thing that these types of events bring to light is the importance of security with cloud providers. According to the recent article, “Symantec executives caution customers on cloud provider security,” as more and more businesses turn to cloud services, they need to hold their providers to the same security standards that they adhere to because they can still be liable if their data is breached.
Whether an organization’s business assets are on-premise or reside in the cloud, securing critical data needs to be the No. 1 priority. Continue reading this post…
Is it me, or does it seem like many of today’s security breaches are (eventually) the result of organizations not taking the necessary precautions to protect their data from cyber fraud? With the attacks on the Sony PlayStation Network and marketing giant, Epsilon, April saw its share of high-profiled data breaches. But many of the intelligence reports that follow such incidents seem to indicate that had the organization taken proactive security measures to protect their enterprises, they may have mitigated risks that allowed their data to be compromised. All this leads to one important question: Are we doing enough to protect our networks? Here were some of the top security stories from April 2011: Continue reading this post…
As Sony’s PlayStation data breach debacle continues to unfold, there have already been a number of lessons we can learn from this story — everything from protecting valuable information to how your public relations team responds to such a crisis. That said, here are a three questions every C-level executive should ask themselves to ensure the data that resides on their network is safe and, should a similar situation occur, their communication team is ready to take action. Continue reading this post…