for Journals by Title or ISSN
for Articles by Keywords
help
Followed Journals
Journal you Follow: 0
 
Sign Up to follow journals, search in your chosen journals and, optionally, receive Email Alerts when new issues of your Followed Journals are published.
Already have an account? Sign In to see the journals you follow.
Journal Cover
Computer Fraud & Security
Journal Prestige (SJR): 0.261
Number of Followers: 357  
 
  Full-text available via subscription Subscription journal
ISSN (Print) 1361-3723
Published by Elsevier Homepage  [3162 journals]
  • EVENTS
    • Abstract: Publication date: June 2018Source: Computer Fraud & Security, Volume 2018, Issue 6Author(s):
       
  • Extreme prejudice: securing networks by treating all data as a threat
    • Abstract: Publication date: June 2018Source: Computer Fraud & Security, Volume 2018, Issue 6Author(s): Steve Mansfield-DevineWhat data can you trust' These days, pretty much any traffic arriving at your network perimeter could be harbouring a hidden threat. And while many security solutions attempt to tackle this issue by recognising known malicious payloads and blocking them, few are effective against unknown threats. In this interview, Simon Wiseman, CTO of Deep Secure, explains that it may be better to treat all data as though it's potentially dangerous.
       
  • GDPR – compliance nightmare or business opportunity'
    • Abstract: Publication date: June 2018Source: Computer Fraud & Security, Volume 2018, Issue 6Author(s): Joe GarberThe EU's General Data Protection Regulation (GDPR) compliance deadline has passed. Yet recent research from the London Chamber of Commerce and Industry found that one in four London businesses was still not aware of the regulation in the run-up to its implementation.1 Troublingly, of those organisations that did know that the GDPR would affect them, just 16% stated they would be prepared for the regulation – which came into force in May.
       
  • Can consumers bank on financial services being secure with GDPR'
    • Abstract: Publication date: June 2018Source: Computer Fraud & Security, Volume 2018, Issue 6Author(s): Ralf SydekumThe face of finance is changing. Everywhere you look, institutions are abandoning the high street and moving to faster, more responsive 24-hour online services to meet customer demand. Yet, as digital engagement increases, hacker groups are changing the game and expanding their footprints of destruction with sophisticated tools to infiltrate operations, attack critical applications and gain access to data.Ralf Sydekum of F5 Networks believes that the EU's General Data Protection Regulation (GDPR) might lead to better data management and greater transparency, and will force organisations to improve their security. On the other hand, businesses that ignore requirements for transparency and fairness will suffer severe reputational and financial consequences
       
  • PSD2: Is the banking industry prepared'
    • Abstract: Publication date: June 2018Source: Computer Fraud & Security, Volume 2018, Issue 6Author(s): Mark NoctorJanuary 2018 introduced significant change for both the banking and cyber-security industries due to the introduction of the EU's updated Payment Service Directive (PSD). The mandate, known as the PSD2, enables all bank customers, both consumers and businesses, to use third-party providers to manage their finances. Despite mobile operating systems actively discouraging the linking of applications, in order to ensure data protection banks are now obligated to provide application programme interfaces (APIs) to allow third-party providers access to their customers’ accounts.The new PSD2 enables all bank customers to use third-party providers to manage their finances, meaning that banks are now obligated to provide application programme interfaces (APIs) to allow third-party providers access to customers’ accounts. Mark Noctor of Arxan Technologies asks how secure this approach will be, as well as what risks will arise and for whom.
       
  • Two-factor inauthentication – the rise in SMS phishing attacks
    • Abstract: Publication date: June 2018Source: Computer Fraud & Security, Volume 2018, Issue 6Author(s): Markus JakobssonThere are countless ways to carry out a cyber-attack, but in the vast majority the key is deception – typically involving identity deception in which the attacker poses as a trusted party to the intended victim. Many of these attacks involve stealing passwords from victims in order to access their accounts and pose as them. Therefore, with cyber-criminals constantly on the prowl to capture passwords and other credentials, two-factor authentication (2FA) has become one of the most widely accepted back-up verifications for many services and companies.With cyber-criminals constantly on the prowl to capture passwords and other credentials, two-factor authentication (2FA) has become one of the most widely accepted back-up verifications for many services and companies. However, as Markus Jakobsson of Agari points out, 2FA has its own issues. Other options are on the way, but it's more important than ever for organisations to be aware that their workforce's digital identities may be compromised.
       
  • In brief
    • Abstract: Publication date: June 2018Source: Computer Fraud & Security, Volume 2018, Issue 6Author(s):
       
  • Fortinet Threat Landscape Report
    • Abstract: Publication date: June 2018Source: Computer Fraud & Security, Volume 2018, Issue 6Author(s): While some forms of cyberthreat have decreased in volume over the past few months, it's too soon to start celebrating, according to Fortinet's latest ‘Quarterly Threat Landscape Report’ covering the first quarter of 2018. Overall, the danger is simply shifting as attackers change tactics and focus on new areas.
       
  • Cost of fraud increases
    • Abstract: Publication date: June 2018Source: Computer Fraud & Security, Volume 2018, Issue 6Author(s): The global levels of fraud are increasing, with the majority of cases being enabled by technology, while mobile fraud appears to be rising out of control. Social media is also playing a key role in this worsening picture, according to new reports.
       
  • Editorial
    • Abstract: Publication date: June 2018Source: Computer Fraud & Security, Volume 2018, Issue 6Author(s): Steve Mansfield-DevineSo the EU's General Data Protection Regulation (GDPR) is finally here. And we no longer have to guess who will be the first organisations to be caught in its net – Facebook and Google are already being sued, with writs having been issued the day the regulation came into force.
       
  • Massive malware infection targeted at Ukraine spreads worldwide
    • Abstract: Publication date: June 2018Source: Computer Fraud & Security, Volume 2018, Issue 6Author(s): A malware campaign designed to compromise network and storage equipment has infected as many as 500,000 devices worldwide, according to research by Cisco Talos. The attack appears to have started with targets in Ukraine, and several sources, including the FBI, have placed the blame on Russia.
       
  • Events
    • Abstract: Publication date: May 2018Source: Computer Fraud & Security, Volume 2018, Issue 5Author(s):
       
  • Safe talk: setting the standard for secure communications
    • Abstract: Publication date: May 2018Source: Computer Fraud & Security, Volume 2018, Issue 5Author(s): Steve Mansfield-DevineThe popularity of apps such as WhatsApp, Proton Mail and even, in its day, BlackBerry Messenger, shows that there is an appetite in the market for communications solutions that cater to people's needs for privacy and security. However, the focus has often been on consumer-oriented offerings and siloed, proprietary solutions. As Elisabetta Zaccaria and Roderick Hodgson of Secure Chorus explain in this interview, when it comes to enterprises and governments, there's a need for standards and compatibility in secure communications technology.The popularity of apps such as WhatsApp and Proton Mail shows that there is an appetite in the market for communications solutions that cater to people's needs for privacy and security.However, the focus has often been on consumer-oriented offerings and siloed, proprietary solutions. As Elisabetta Zaccaria and Roderick Hodgson of Secure Chorus explain in this interview, when it comes to enterprises and governments, there's a need for standards and compatibility in secure communications technology.
       
  • The miners strike – addressing the crypto-currency threat to
           enterprise networks
    • Abstract: Publication date: May 2018Source: Computer Fraud & Security, Volume 2018, Issue 5Author(s): Tracey CaldwellThe proliferation of crypto-currency has led inevitably to high-profile impacts on networks. In February, crypto-mining hackers hit more than 4,000 websites around the world, including UK government websites, the UK student loans company, the US courts and the City University of New York. They inserted Coinhive's Monero miner into every web page offering the Browsealoud plug-in that enables blind and partially sighted people to access web content.1 Visitors to these websites found themselves inadvertently mining for crypto-currency.The proliferation of crypto-currency has led to high-profile impacts on networks. Crypto-mining presents a number of risks to enterprise networks, ranging from enterprises' websites being hijacked to staff installing coin-mining plugins.Most major crypto-currencies such as Bitcoin can now only be mined using enterprise-level computing power, thus making enterprise networks a juicy target for illicit mining software. At the same time, more recent crypto-currencies such as Monero may still be mined using the CPU power of an individual device – which could be in your corporate network. Tracey Caldwell explores the threats and what can be done about them.
       
  • The future of Internet governance and cyber-security
    • Abstract: Publication date: May 2018Source: Computer Fraud & Security, Volume 2018, Issue 5Author(s): Maarten Van HorenbeeckIt's often unclear to Internet users who it is that actually makes the decisions that make their connection work. This is because the Internet, by definition, is a complex system that is not managed by a single organisation. In order for your connection to be successful, you use hardware built by a hardware vendor, protocols developed by Internet engineers in loose technical groups such as the Internet Engineering Task Force (IETF), networks operated by a third party and a website operated by the organisation with which you're actually interacting. That organisation probably uses a whole set of other vendors, such as content delivery networks or cloud providers, to provide the service.It's often unclear to Internet users who actually runs it. This is because the Internet, by definition, is a complex system that is not managed by a single organisation.You use hardware and software from a variety of vendors, protocols developed by Internet engineers in loose technical groups and networks operated by third parties. Maarten Van Horenbeeck of the Forum of Incident Response and Security Teams examines how this mish-mash of organisations and standards fits together and what makes it work.
       
  • In brief
    • Abstract: Publication date: May 2018Source: Computer Fraud & Security, Volume 2018, Issue 5Author(s):
       
  • 2018 Data Breach Investigations Report: the year of ransomware
    • Abstract: Publication date: May 2018Source: Computer Fraud & Security, Volume 2018, Issue 5Author(s): While many security specialists believe that the peak of the ransomware plague has passed, with cyber-criminals focusing more on crypto-mining and crypto-jacking, that particular form of malware nonetheless features large in the 11th edition of Verizon's annual Data Breach Investigations Report (DBIR).
       
  • DDoS-for-hire operation taken down
    • Abstract: Publication date: May 2018Source: Computer Fraud & Security, Volume 2018, Issue 5Author(s): A group that was providing distributed denial of service (DDoS) attacks for as little as $14.99 has been taken down by a co-ordinated effort by law enforcement agencies.
       
  • Editorial
    • Abstract: Publication date: May 2018Source: Computer Fraud & Security, Volume 2018, Issue 5Author(s): Steve Mansfield-DevineWhat do you do when the primary concept underlying your entire business model becomes ethically unacceptable' That's the dilemma facing Facebook – and, pretty soon, other social networking platforms. And it's not taking it well.
       
 
 
JournalTOCs
School of Mathematical and Computer Sciences
Heriot-Watt University
Edinburgh, EH14 4AS, UK
Email: journaltocs@hw.ac.uk
Tel: +00 44 (0)131 4513762
Fax: +00 44 (0)131 4513327
 
Home (Search)
Subjects A-Z
Publishers A-Z
Customise
APIs
Your IP address: 54.81.254.212
 
About JournalTOCs
API
Help
News (blog, publications)
JournalTOCs on Twitter   JournalTOCs on Facebook

JournalTOCs © 2009-