Bleeding heart bug
An extremely critical vulnerability characterized by the symbol of a bleeding red heart, known as Heartbleed, has put millions of websites, servers and networks at risk. The vulnerability affects OpenSSL, the encryption technology used by millions of online sites to protect online data. An exploit of the vulnerability has been discovered that can enable hackers to steal personal data and login credentials from vulnerable sites, as well as private keys that sites use to encrypt and decrypt sensitive data. The SANS Institute is calling for global and immediate action to deal with this serious threat. ZD Net has the details and the importance of communicating to your customers the potential exposure and your response to this flaw.
Directive on DDoS attacks
Forget the best offense, the best defense is the best defense when it comes to warding off cyber attacks. A new groundbreaking ruling from the Federal Financial Institutions Examination Council (FFIEC) is not just suggesting that financial institutions take defensive actions against targeted attacks on their networks, but requires them to do so. The FFIEC has established six steps that banks and other financial entities must follow to assess their risks, monitor their systems and have proper procedures in place to mitigate these attacks. InfoWorld has the details.
"A deadly cocktail in the making," is how one ATM software expert summed up the effect Microsoft's discontinuation of support for Windows XP could have on the 2.6 million banks worldwide that deploy ATMs running the software. Despite the fact banks have had more than ample time to upgrade their systems and most ATMs are well-protected, the combination of rising ATM-targeted malware and the loss of Windows XP security updates leaves many ATMs at increased risk of hackers exploiting vulnerabilities in the now defunct software. ATM Marketplace has more on what banks should do now and compliance issues to consider if your bank is still running Windows XP.
Certified ZeuS delivery
Discovering yet another new version of the nefarious banking trojan ZeuS is nothing new, but security researchers are warning that the latest version of the notorious malware is "extremely dangerous." Security firm Comodo reports this new variant appears trustworthy as it hides behind a legitimate digital signature and can go undetected by security software, giving it carte blanche on infected systems, reports Threatpost.
ID theft conspiracy
A call center employee who handled sales and customer service inquiries for telecom giant AT&T used her access to confidential customer files to help an ID theft gang make unauthorized wire transfers and defraud victims of tens of thousands of dollars. A 22-count conspiracy indictment has been brought against the 25-year-old Florida resident, Chouman Emily Syrilien, and seven co-conspirators, some of whom were also charged with access device fraud and identity theft. Infosecurity has the details, including how they pulled off their scheme. This case highlights the need for stringent security controls for those who have access to sensitive data, including third-party providers, and for stronger authentication methods.
Passing the breach buck
In the wake of burgeoning data breaches, lawmakers are taking action to hold companies and retailers accountable for the protection of consumers' personal and financial data. In California, two legislators are pushing for a bill that would shift the responsibility for notifying customers in the event of a breach and the financial losses due to the breach from the banks and credit card issuers to the retailers, reports Newsfactor. A federal court decision this week gives the Federal Trade Commission the go-ahead to seek enforcement actions against companies whose poor data security practices contribute to data being compromised. Techdirt has the details.
Banking on mobile commerce
A recent federal study revealed that 87% of U.S. adults have a mobile phone – 61% of which are Internet-enabled smartphones. More than half of those smartphone owners used mobile banking in the past 12 months, and 69% of mobile banking users are checking their bank accounts when shopping for large purchases. Combining mobile banking with ecommerce capabilities can be a win-win for banks and their customers, reports Bank Systems & Technology.
Reinventing retail banking
German-based Fidor Bank offers a full range of products, has no physical branches, and rewards its customers for social media interaction. One of the first of its kind when it began five years ago, Fidor differs from its counterparts because it is a fully licensed bank. CEO Matthias Kroner shares how banks can use technology to redefine products and services with a focus on the needs of their customers in this Banking Technology article.
Tightening digital coin controls
As the virtual currency tide continues to ebb and flow, some banks are shutting their doors to Bitcoin-related accounts due to the "unacceptable level of risk" these accounts present, reports Finextra. Meanwhile, U.S. Attorney General Eric Holder is proposing that regulatory controls be applied to virtual currency transactions to mitigate the use of the cryptocurrency for illicit gain. Finextra has the details.
Updates, Patches and Alerts...
Bitcoin emerged in 2013 to fanfare from the tech community, speculation from investors, and suspicion from the world's regulators. So what is it, and what is all the fuss about? Bitcoin is a decentralized, peer-to-peer payment system - it is to money what Napster was to file sharing. Bitcoin is not backed by any one government, nor is it run by any one corporation. Bitcoin is the dawn of a new "virtual" era, and it is already redefining the way we think about moving money. This webinar will cover the basics, common misconceptions, the uses of Bitcoin, and more.
On the lighter side ...
With the April 15th tax deadline approaching, ten accountants present the Top Ten list with some useful tax tips on the Late Show with David Letterman.