The advanced persistent threat and security of online banking

Date: Oct 12, 2010

In this video, U.S. Assistant Attorney Erez Liebermann discusses how law enforcement is addressing the advanced persistent threat within the financial industry, as well as the security of online banking. He talks about the case of TJX and Heartland hacker Albert Gonzalez, and also provides advice on what companies should do after a data security breach, including when to call law enforcement.

More on Online, Web and application security

Web application security for financial services firms
VIDEO - Protecting Web applications is especially important for financial firms that may have online banking or trading capabilities. In this video, Warren Axelrod explains best practices for creating and maintaining secure Web applications.
Social media and cloud computing for financial services
VIDEO - Paul Smocer of BITS discusses the use of social media and cloud computing by financial services firms, including the inherent risks, and what you can do to mitigate them
Evolution of online banking malware: Tatanarg Trojan and OddJob Trojan
Answer - Online banking credentials are one of the most lucrative bits of information available to steal. Expert Nick Lewis advises how to keep cutting-edge Trojans off company machines.
OddJob Trojan: Different from other online security banking threats?
Answer - What particular risks does the OddJob Trojan pose to the security of financial transactions over the Web? Expert Nick Lewis explains.
How to ensure the security of financial transactions online
Answer - Financial transactions are some of the most high-risk activities performed online. Expert Nick Lewis gives advice to financial firms on how they can prevent online transaction fraud.
SIEM vendors make the case for extending SIEM product capabilities
News - Advanced features can reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions.
( Apr 01, 2011 )
GLBA compliance and emerging technologies
Tip - In order to meet GLBA requirements, companies must analyze the risks before moving customer information into new technologies like VoIP and cloud computing.

Back to top

Security
- Intrusion detection and prevention: IDS/IPS security guide
  
  This guide is a compilation of SearchSecurity.com's best resources on intrusion detection and prevention. It covers not only the basics of what they are and how they work, but also discusses several other important areas of IDS and IPS security, including IDS/IPS tools, such as Snort, implementation and deployment and wireless intrusion prevention systems (WIPS).
- Praise, criticism for retiring cybersecurity coordinator Howard Schmidt
  
  Security experts say some issues haven’t been adequately addressed by the White House security chief.
- PCI Council urges P2P encryption for mobile payments
  
  A PCI Council guidance document requires merchants to use a validated PIN entry device or secure card reader to accept payments using mobile devices.
Cloud Security
- Leveraging Microsoft Azure security features for PaaS security
  
  Organizations can boost PaaS security late in the game by implementing these stopgap measures.
- Quiz: Understanding cloud-specific security technologies
  
  Think you understand cloud-specific security technologies as well as expert Joseph Granneman does? Test your knowledge with this quiz.
- CSA launches cloud security certification initiative for service providers
  
  Plan calls for working with certification bodies, government agencies, as well as an independent CSA certification.
Security Channel
- Biometric authentication methods: Comparing smartphone biometrics
  
  Biometric authentication helps ensure only authorized smartphone users can access a network. David Jacobs weighs the pros and cons of three methods.
- F5 Vault program embraces incentives for F5 firewall, security sales
  
  The Vault partner program uses incentives to increase visibility for F5 firewalls and its architecture bundle.
- Using DMARC to improve DKIM and SPF email antispam effectiveness
  
  DMARC aids the DKIM and SPF protocols that help keep spam out and let legitimate emails in. David Jacobs explains how.
Security UK
- File upload security best practices: Block a malicious file upload
  
  Do your Web app users upload files to your servers? Find out the dangers of malicious file uploads and learn six steps to stop file-upload attacks.
- MDM, security vendors scramble to address BYOD security issues
  
  Organisations are looking beyond NAC and MDM to resolve BYOD security issues; MDM, security and hybrid vendors are responding with new products.
- ICO fines Welsh health board £70,000 for patient record loss
  
  For the first time, the ICO fines an NHS organisation for sending patient data to the wrong person.
searchMidmarketSecurity
- Windows Phone 7 security: Assessing WP7 security features
  
  Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
- Choosing the best security certifications for your career
  
  Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
- Midmarket security tutorials
  
  SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
CIO
- Ezine Download: Shared Services
  
  Shared services has become a hot topic due to promises of virtualization, cloud computing and centralized IT. Discover how a shared services strategy can benefit your organization.
- To gain a competitive advantage with mobile, CIO readiness is all
  
  Gaining a competitive advantage with mobile is no easy feat for a statewide bank. Getting an early jump made the difference for one CIO.
- IT Leadership Awards finalists driven by business-value creation
  
  SearchCIO-Midmarket.com IT Leadership Awards judge Harvey Koeppel discusses his renewed belief that business and IT are aligning.

Latest Headlines

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Blogs

The advanced persistent threat and security of online banking

The advanced persistent threat and security of online banking

More on Online, Web and application security

More from Related TechTarget Sites