Category: Identity

Fraudsters are continuing to have quite a bit of success with business email compromise scams. Last year, companies in the United States lost more than $360 million to these schemes, an increase of nearly 50 percent from 2015. The FBI’s 2016 Internet Crime Report, which the bureau’s Internet Crime Complaint Center (IC3) released Thursday, includes…

Security firm OneLogin, which provides single sign-on and other identity and authentication products, has suffered a data breach that it says likely affects all of its customers served by its data center in the United States. In an email sent to customers, the company said that customer data was possibly compromised, but it didn’t specify…

In a new study out from a UK based research team, scientists have discovered an inexpensive and easy-to-use way to validate the authenticity of any paper document solely by taking a picture of it with a camera. Capturing the random interweaving of the wooden particles that are used to make up paper, the research team…

Congressional leaders are continuing to pressure federal agencies to address shortcomings in the security of the telecommunications infrastructure, specifically to warn consumers about weaknesses that can open them up to remote surveillance. In a letter sent Tuesday, Rep. Ted Lieu and Sen. Ron Wyden asked FCC Chairman Ajit Pai to take “swift action” to resolve…

A few days after LastPass released a fix for some critical security flaws in its extensions for Chrome and Firefox, a researcher has identified a new vulnerability in the browser extension that allows an attacker to get full code execution on a target machine. The details of the new bug are not public yet, but…

Nest, maker of smart home thermostats and other devices, is adding two-step verification to its authentication process, making it more difficult for attackers to take over users’ devices. The company said on Tuesday that it is implementing the ability for users to require a short code sent by SMS as part of the sign-in process…

It’s that time of year again, when the security industry looks westward with a mixture of anxiety, dread, and expense-account induced giddiness: RSA week. When people who have never been to the RSA Conference before ask me what to expect, I never have a good answer. A lot of it depends on what your job…

Lavabit, the secure email service that shut down in 2013 rather than turn over the encryption key for a user account to the federal government, has reemerged with a new encrypted mail offering based on a standard developed by the company. It’s been more than three years since Lavabit founder Ladar Levison decided to end the…

Attackers backed by a foreign government were behind the attack that compromised health insurance company Anthem in 2015, a breach that compromised the information of more than 78 million people, according to the findings of an investigation into the attack. The Anthem data breach is one of the larger health cae-related incidents ever in the United…

The fraud schemes that consumers and businesses face every day are the end result of a lot of research, work, and planning on the part of the criminals who perpetrate them. There are a lot of moving pieces in the background that victims never see, and often the schemes involve many intermediate steps before a…