In our last blog, we looked at 2022’s most prominent global payment fraud trends, including application fraud and synthetic identities, bot-driven DDoS attacks, brute force BIN attacks, and authorized push payment fraud. We also discussed the convergence of cybercrime and payment fraud as cybercriminals constantly look for new ways to exploit payment networks by distracting infosec teams with cyberattacks while they launch fraud attacks.
The recent collapse of Silicon Valley Bank (SVB) has sent shockwaves through the tech industry, prompting many individuals and companies to move their bank accounts to other financial institutions. However, in the midst of this turmoil, cybercriminals are poised to take advantage of people’s fears and concerns. If you’re planning to move your bank account or have already done so, it’s important to be aware of the security risks associated with this process.
In early March, the SANS Institute, whose mission is to empower cybersecurity professionals with the practical skills and knowledge to make the world a safer place, shared some insightful findings based on their survey on ransomware and malware intrusions in 2022. The survey included participants in various roles and industries from organizations worldwide of all sizes. “In this survey, we wanted to understand what the past year looked like for our respondents.
SASE (Secure Access Service Edge) is a new architecture that converges networking and security into cloud-native, globally available service offerings. Security inspection and policy enforcement is performed at the cloud edge, instead of backhauling all traffic to a centralized data center for inspection. This enables organizations to strengthen their security posture while ensuring high performance, scalability and a good user experience.
PCI 4.0 — the PCI Standards Security Council’s first update since 2018 to the PCI Data Security Standards (PCI DSS) — is a major iteration that shifts away from the traditional point-in-time assessment. Do you remember how an auditor would annually determine the PCI compliance status of a merchant’s or service provider’s system on a specific day in a specific month and assume — somehow — that the snapshot characterized their status all year?
Managed NDR is network detection and response (NDR) combined with an outsourced SOC (Security Operations Center) monitoring and response layer. The meaning of “managed” in managed NDR will vary from provider to provider. Some managed NDR services will remediate threats for you, while others will stop at alerting and assisting your internal IT team. Similarly, the capabilities of the “NDR” part of managed NDR will also differ depending on who offers it.
