Tag Archive for: network

SquaredFinancial Introduces Enhanced Fraud Prevention Framework and Uncovers Fraud Network

/in


SquaredFinancial values transparency and is strongly dedicated to fighting deceptive practices by developing an advanced fraud prevention framework. Recognizing recent incidents of financial deceit in the trading industry, the company is proactively fortifying its compliance and risk teams and strengthening processes and protocols to promptly detect and address any fraudulent activities.

A holistic approach to fraud prevention and management requires robust tools to conduct comprehensive risk assessments, identify potential vulnerabilities and prioritize risk mitigation.

The first step towards effectively fighting digital fraud is to understand the forms of fraud that occur regularly in the fintech sector. Some of the most common kinds of fraud are identity theft, phishing, web skimming, social engineering, and botnet attacks which can effectively be prevented with a resilient IT infrastructure and a steadfast focus on cybersecurity. In the forex brokerage industry, fraudulent activities have been recurrent and are plotted by networks or individuals exploiting terms and conditions and applying trading tactics to abuse commission and other bonus schemes.

Adapting to the ever-evolving landscape of financial fraud

Throughout the years, fraud networks have consistently targeted businesses, exploiting trading tactics and incurring substantial losses. As such, tactics like shared IP addresses and devices have been employed to exploit trading systems and take advantage of bonus schemes.

Recent fraud case study and actions taken

In November 2023, SquaredFinancial initiated an internal investigation following the deceitful actions of a specific partner. Utilizing internal analytical tools, the company was able to swiftly identify irregularities and has immediately intervened, preventing further exploitation. Craig Jenkins, Chief Legal & Compliance Officer, emphasized, “The recent case of abusers was detected by our software used to identify suspicious patterns, revealing a network of connected trading activities. A thorough inspection uncovered dozens of ‘clients’ engaging in coordinated trades from the same location, even the same computer, to abuse the favourable…

Source…

Former network security COO pleads guilty to hacking Georgia hospital

/in


On Nov. 16, a cybersecurity contractor admitted guilt for unlawfully accessing the computer systems of Lawrenceville, Ga.-based Gwinnett Medical Center back in 2018, Law360 reported.

Vikas Singla, who was the COO of a metro Atlanta network security firm specializing in healthcare, pleaded guilty to orchestrating a cyberattack on Gwinnett, according to the publication.

During the attack, phone lines were disrupted, as well as the network printer service.

Mr. Singla also was able to illicitly obtain data from a digitizing device from the hospital during the attack. 

The government said the crime cost Gwinnett Medical Center $800,000 and that the cyberattack was, in part, carried out with the intention of securing financial benefits for Mr. Singla’s company.

Mr. Singla was indicted by a federal grand jury on June 8, 2021.

Source…

CRA’s computer network security suffers from ‘lack of monitoring:’ Audit

/in


Filing your Canadian taxes digitally?

Article content

You may have cause to be concerned about how secure your information is, according to an internal audit, says Blacklock’s Reporter.

Article content

The audit says computer security at the Canada Revenue Agency — which has more than 27 million individual and corporate tax filers — is still uneven years after hackers breached the accounts of taxpayers.

“There was a lack of monitoring,” said the audit, blaming “a lack of management oversight.”

Revenue Agency managers “were not always aware of, or did not clearly understand, the security assessment and authorization process, more specifically for monitoring,” wrote auditors.

“Addressing security in the early stages of information technology projects and throughout the information system’s life cycle is vital to ensuring security is integrated into the design, that security objectives are met and that planning and resources are optimized.”

Article content

CRA’s website was shut down for six days in 2014 following a cyberattack, with hundreds of Social Insurance Numbers stolen.

Recommended video

We apologize, but this video has failed to load.

Investigators determined the cyberattack went unnoticed for six hours before the system was shut down.

Six years later in 2020, thousands of tax records were breached in a second cyberattack and managers promised tighter security.

“The Canada Revenue Agency has one of the largest information technology environments and repositories of personal and financial information in the Government of Canada,” wrote auditors.

“Ninety percent of income tax and benefit returns and 94% of corporate income tax returns were filed digitally. It is essential for the agency to meet Canadians’ expectations for delivering client service while maintaining trust that their information will be protected from potential data breaches and identity theft.”

Share this article in your social network

Source…

How network security can save security dollars

/in


For the last twelve years, 100% of CIOs have said that they expect to spend more on IT security, making security the only category that just keeps on absorbing investment. Every year in the last three years, over 80% of enterprises have said that their IT security still needed improvement. So, like death and taxes, is security spending growth inevitable? If we keep on the way we have, it sure seems like it. But what might change?

Let’s start with what’s important to users. External threats, meaning hacking, are a problem for every CIO. Internal threats, from badly behaving employees, are a problem for three out of four. Data theft is a universal fear, and malware that interferes with applications and operations is an important problem for over 90% of CIOs. As far as approaches or targets are concerned, 100% say access security on applications and data is essential and so is regular malware scanning. If you ask CIOs to pick a single thing they think is essential for IT security, it’s access security.

Access security, according to CIOs, is ensuring that applications and data are accessed only by those with the right to do so. If you have it, they believe, then hacking poses little threat because hackers won’t be authorized. Malware that impersonates an authorized user may still have to be addressed, but access security can limit the scope of what malware can do. It’s no wonder that every security vendor offers something in access security, and it’s no wonder that the hottest topic in security, zero-trust security, is a form of access security. Given that access is almost always via a network connection, it’s reasonable to ask whether network security features could enhance access security and zero-trust, and maybe even slow the growth of security spending overall. If you can’t connect to it, you can’t hack it.

Let’s dissect that by starting with a critical statement: Zero-trust doesn’t mean there is no trust, it means that trust is never assumed. That which isn’t assumed is explicit, and that means that all true zero-trust strategies depend on deciding what information connections are valid. One way to do this is to require…

Source…