122 Results
Posted:

Espionage activity targeting Asian governments, Webworm develops customized tools, and latest Noberus TTPs

On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are joined by Symantec threat researcher Alan Neville to discuss some of the recent blogs that the Symantec Threat Hunter team has published. We discuss a new wave of espionage activity targeting Asian governments by attackers who were formerly associated with the ShadowPad malware but who appear to have now adopted a new toolset to mount an ongoing campaign against a range of government and state-owned organizations in a number of Asian countries. We also examine the current activities of a group we call Webworm, which has developed customized versions of three older remote access Trojans (RATs), including Trochilus, Gh0st RAT, and 9002 RAT. We also discuss a blog we have published about the Noberus (aka BlackCat ) ransomware, and the recent tactics, tools, and procedures we have seen deployed alongside that ransomware recently.

Download
Posted:

Authentication and Transaction Risk Analysis

Welcome to the September edition of the Arcot podcast. This month, James Jenkins and Matt Cooke share their perspectives from a recent visit to the UK and Ireland, updates on the 2.3.1 protocol, Triple Data Encryption Algorithm (TDEA or 3DES), the updated authentication scorecard, and the importance of implementing 3DS best practices to increase overall approval rates. Subscribe to our Monthly Newsletter to stay updated via email. Hope you enjoy this edition!

Download
Posted:

Mobile app security, Russian invasion of Ukraine cyber impact continues, and Evil Corp switches focus

The Cyber Security Brief is back after its summer break! In this episode, Brigid O Gorman and Dick O’Brien cover some of the stories you might have missed while we were off air. Dick discusses a recent Symantec blog that looks at the implications of poor security practices in the mobile software supply chain, and how this can lead to the exposure of an alarming amount of data. Brigid discusses some of the continuing effects of the Russian invasion of Ukraine in the world of cyber security, including some activity by the Shuckworm APT gang aimed at Ukraine, as well as a seemingly increased focus by Chinese espionage actors on Russia since the invasion began. Finally, we also discuss some recent developments by the Evil Corp cyber crime gang, and what these might mean.

Download
Posted:

3-D Secure works better with Data Analytics

In this edition, we have Matt Cooke and James Jenkins discussing our theme of how 3-D Secure (3DS) works together with data science and data analytics to optimize digital payments. This month, the Arcot team also provides various product announcements for both issuers and merchants, along with our perspectives from our customer success team, and the updates on our authentication scorecard. Please consider subscribing to our monthly newsletter to stay updated via email and receive the Arcot newsletter for your regular updates on everything related to 3D Secure and the digital payments industry. Hope you enjoy this edition!

Download
Posted:

3-D Secure Optimization using Delegated Authentication

In this edition, we have Matt Cooke and James Jenkins discussing the 3-D Secure (3DS) optimization with a focus on Delegated Authentication, one of the key tools for minimizing friction during an eCommerce transaction while at the same time reducing fraud. Arcot is actively working with issuers and merchants on Arcot Delegated Authentication Framework to provide the contractual vehicle to support these transactions. This supports other tools such as Trusted Beneficiary, Data Only, and a wide range of available exemptions all designed to make 3DS work better. We also discuss the increasing problem of fraud attacks on Authorized Push Payments (APP) where fraudsters trick genuine cardholders to complete a fraudulent transaction. We explore how to leverage the Arcot Network to identify high-risk beneficiary accounts before funds are transferred thereby blocking fraud and protecting often some of the most vulnerable customers. Subscribe to our Monthly Newsletter to stay updated via email.

Download
View More