WannaCry

What initially looked like an attack against England’s National Health Service (NHS), forcing hospitals to turn away patients on May 12, 2017, has turned out to be the largest coordinated cyberattack ever seen. Cybersecurity professionals around the world are discovering that the WannaCry ransomware indiscriminately targets all industries everywhere. After only 3 days, the estimated number of victims is over 250 000, spread over 150 countries. So what is ransomware?… Read more


Protecting against the BankBot Android banking malware using RASP

Earlier this month the Dutch company Securify came across a new sample of the BankBot Android mobile banking malware. While older samples of BankBot mainly targeted Russian financial institutions, the latest sample shows that BankBot now targets European and American banks as well. More specifically BankBot now targets over 420 leading banks in countries such as Germany, France, Austria, the Netherlands, Turkey and the United States. VASCO’s Threat Research analysts… Read more


What Bob Dylan and RASP Have in Common

Ok, now that I have your attention, I’ll explain how I got here. Feel free to follow along. In early April, the creative folk icon finally made his way to Stockholm and the home of the Swedish Academy to formally accept his 2016 Nobel Prize for Literature and the 8 million Swedish krona (approximately $900,000 US) that went along with it. It happens that one of his most well known… Read more


EBA Eases Strong Customer Authentication Requirements under PSD2

On Thursday 23 February, the European Banking Authority (EBA) published its long-awaited final draft Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and Common and Secure Communication (CSC) under the revised Payment Services Directive (PSD2). In general the EBA has relaxed its requirements compared to the RTS in the EBA’s Consultation Paper from August 2016. Here are the most important changes: Transaction risk analysis. The final draft RTS introduces… Read more


February 10, 2017 - David Vergara

In their third quarter 2016 earnings report, Bank of America said that 20 percent of its total sales were digital and 27 percent of those sales were over mobile devices. The bank reported that it now has over 21 million mobile customers. And similar growth is being seen across the banking industry, so there’s no doubt that the mobile channel is a strong contributor to bank growth. As the proverb says,… Read more


SMS Authentication

Banks and payment service providers sometimes rely on SMS to verify the identity of a person who wishes to make a wire transfer or confirm a payment. They send an SMS message with a one-time password (OTP) to the person’s mobile phone, and the user has to enter this OTP into the application of the bank or payment service provider. In this blog post I discuss whether SMS-based authentication will… Read more


Top 5 Security Stories in 2016

2016 was another stunning year in the battle against hackers. The bad guys were more than up to the task with new attacks and an endless display of innovation that challenged even the best security strategies. Yahoo’s topped their half-billion record breach with a billion-record breach, ransomware ran amok, DDoS attacks scaled to new heights, the endpoint grabbed major attention, and the U.S. political process ended up in Russia’s crosshairs…. Read more


November 25, 2016 - Guest Blogger Lars Birkeland, Marketing Director of Promon
Tesla cars can be stolen by hacking the app

Our researchers have demonstrated that because of lack of security in the Tesla smartphone app, cyber criminals could take control of the company’s vehicles, to the point where they can track and locate the car in real-time, and unlock and drive the car away unhindered. Such a hack gives criminals total control of the vehicle, providing additional functionality to that exposed by Keen Security Labs in a different hack in… Read more


November 15, 2016 - Guest Blogger Lars Birkeland, Marketing Director of Promon
A total of 89 per cent of users wouldn’t know if their mobile device had been cyber attacked

A recent survey by app security specialist Promon has revealed that mobile users are massively unaware of cyber threats, with an overwhelming 89 per cent of respondents admitting they wouldn’t know if their device has been infected through a cyber attack. Users’ lack of awareness of mobile threats presents a significant challenge for businesses across every sector, meaning companies need to take extra steps to secure their customers’ data. Avoiding… Read more


The silent nature of all mobile attacks is what makes them so damaging. Sadly, users are still their own worst enemy as they are not taking the safeguards to help protect themselves in digital mobile market today. As reported by Infosecurity Magazine, today, only 45% report locking their phone with a pin, password or biometric. Yet 83% of consumers are extremely, very or somewhat concerned about Identity theft in America… Read more