Monday, February 25, 2013

FTC Endorses New Privacy Guidelines, Do Not Track for Mobile Apps, Devices

Hoping to ramp up privacy on mobile devices such as smartphones and tablets, the Federal Trade Commission (FTC) has released a series of suggestions to help app developers, advertising networks and device companies better protect their users online.

The FTC is looking to get companies, particularly those that work in the facilitation of users’ personal information, to clamp down.

Ideally, users should also be able to review the types of information each application on their device can access in a one-stop dashboard.

What are your thoughts on this FTC report?

Wednesday, February 20, 2013

Big Bank Mules Target Small Bank Businesses

A $170,000 cyberheist last month against an Illinois nursing home provider starkly illustrates how large financial institutions are being leveraged to target security weaknesses at small to regional banks and credit unions.

The attack on Niles Nursing Inc. provides a textbook example. On Monday, Dec. 17, 2012, computer crooks logged into the company’s online banking accounts using the controller’s credentials and tunneling their connection through his hacked PC.

At the beginning of the heist, the miscreants added 11 money mules to Niles’ payroll, sending them automated clearing house (ACH) payments totaling more than $58,000, asking each mule to withdraw their transfers in cash and wire the money to individuals in Ukraine and Russia.

In total, the attackers appear to have recruited at least two dozen money mules to help haul the stolen loot. Read the article to learn more.

Sunday, February 17, 2013

Zeus hit five major banks in Japan

Zeus is considered the most popular and prolific malicious code for banking. It is one of cybercrime's preferred agents, and various customized versions are sold in the underground to conduct sophisticated fraud.

Cyber criminals continue to use Zeus, which is considered one of the most dynamic cyber threats due to the numerous variants and customizations detected.

The malware is used to steal banking credentials. The attackers used a classic phishing scheme to spread the link to a compromised web site and, as usual, used drive-by downloads to trick victims.

Have your CU members been tricked?

Friday, February 15, 2013

Crooks Net Millions in Coordinated ATM Heists

Organized cyber criminals stole almost $11 million in two highly coordinated ATM heists in the final days of 2012.

The events prompted Visa to warn U.S. payment card issuers to be on high alert for additional ATM cash-out fraud schemes in the New Year.

Using a small number of re-loadable prepaid debit cards tied to accounts that they controlled, scammers began pulling cash out of ATMs in at least a dozen countries. Within hours, the perpetrators had stolen approximately $9 million.

What does your CU do to protect against ATM theft?

Wednesday, February 13, 2013

DDoS Attack on Bank Hid $900,000 Cyberheist

A Christmas Eve cyberattack against the Web site of a regional California financial institution helped to distract bank officials from an online account takeover against one of its clients, netting thieves more than $900,000.

At approximately midday on December 24, 2012, organized cyber crooks began moving money out of corporate accounts belonging to Ascent Builders, a construction firm based in Sacramento, Calif.

In short order, the company’s financial institution, San Francisco-based Bank of the West, came under a large distributed denial of service (DDoS) attack.

Are you prepared for a DDoS attack? Or will you get a visit from the FBI?

Monday, February 11, 2013

Hacking The Laptop Docking Station

You know that docking station you snap your laptop into at the office? It can be hacked, too.

A British researcher next month at Black Hat Europe will show just how valuable those seemingly benign devices can be to a determined attacker targeting an organization or group of users.

Andy Davis, research director for U.K.-based NCC Group, built a prototype hardware device that can easily be placed inside a laptop docking station to sniff traffic and, ultimately, steal sensitive corporate communications information from the laptop.

Where does your CU source its docking stations?

Friday, February 8, 2013

PCI Council Releases Guidelines for Cloud Compliance

A new set of guidelines from the PCI Security Standards Council is intended to help merchants and cloud services providers comply with the PCI DSS when handling payment card data on the web.

Since 2004, the PCI Security Standards Council (PCI SSC) has maintained the Payment Card Industry Data Security Standard (PCI DSS), a proprietary information security standard for the handling of payment card data.

Increasingly, organizations have taken the PCI standard as a guide for implementing security, even if they don't have responsibility for customer payment card data.

What is your CU's position on PCI and cardholder privacy?

Thursday, February 7, 2013

Ex-Employees Say It's OK To Take Corporate Data With Them

New survey finds nearly 70 percent of employees who recently left or were fired from their job say their organizations don't prevent them from using confidential info.

Half of employees say they took corporate data with them when they left their jobs or were fired, and 40 percent plan to use that data in their new positions at other organizations, according to a new report.

Sixty-two percent don't think this practice is wrong, either: They say it's OK to take corporate data with them via their PCs, tablets, smartphones, or cloud file-sharing applications.

Does your CU have data loss policies being enforced for mobile, cloud, and other extrusion channels?

Tuesday, February 5, 2013

Mobile Deposit Combines Best of Both Banking Worlds for Credit Unions

Remote deposit capture, long tied to the PC and desktop scanner, has arrived at its ultimate destination – anywhere, anytime check deposits through popular mobile banking capabilities and smartphones.

Mobile deposit is attractive to consumers and millions of small businesses, a longtime staple of credit union membership.

New technologies have always been the answer to that challenge, and during the last few years, mobile RDC has been in the spotlight.

Does your CU take advantage of this technology?

Monday, February 4, 2013

Anonymous posts over 4000 U.S. bank executive credentials

Anonymous appears to have published login and private information from over 4000 American bank executive credentials in its Operation Last Resort, demanding US computer crime law reform.

A spreadsheet has been published on a .gov website allegedly containing login information and credentials, IP addresses, and contact information of American bank executives.

If true, it could be that Anonymous has released banker information that could be connected to Federal Reserve computers, including contact information and cell phone numbers for U.S. bank Presidents, Vice Presidents, COOs, Branch Managers, VPs and more.

Did your CU executives make the list?

Saturday, February 2, 2013

War on terabytes

Ever since the 2001 attacks on the World Trade Centre, banks like Santander have invested billions in safeguarding and duplicating their data centres to protect them from terrorist attacks and natural disasters.

The threat against banks has, however, evolved. Although the physical infrastructure of the world’s financial system is largely secure, the software that runs on it is not.

Bank bosses and regulators are becoming more concerned by the threat posed to financial stability by networks of hackers that have launched a series of attacks on banks over the past few months.

Read more about the threat trends.

Friday, February 1, 2013

Cases Where Google Gives User Data To Government Don't Involve A Warrant

It may be easier than you think for government entities to demand the private data you’ve stored on Google’s servers.

Most of the time, it doesn’t even require a judge’s signature.

On Wednesday Google released its semi-annual Transparency Report, its voluntary admission of how many times it removed data from its services or quietly handed users’ information to government agencies in the last six months.

Does your CU allow sensitive information to reside in Google services?

Microsoft pushes subscription model for Office 2013

Available for download now, Office 2013 comes in a wide variety of versions. But Microsoft is hoping that you'll skip the one-time fee for a subscription model that delivers lots of updates to come.

After existing in preview form since last summer, Office 2013, the next version of Microsoft's productivity software, is now available for download.

Yes, it's a lot more money, and Microsoft accomplishes its goal of keeping you as a customer.

Is your CU sticking with Office 2013?