Bugs, also referred to as software vulnerabilities, are flaws that can be abused to cause a system or software to have unintended behaviors that disclose sensitive information, negatively impact availability, or provide unauthorized access. These bugs are what malicious hackers use to successfully achieve their after-action goals in a long kill chain of steps. Thus, the life cycle of a vulnerability to active exploitation can be described as starting with vulnerability researchers’ or malicious hackers’ discovery of a bug in a software or application, and if the bug is found by a malicious hacker, the active exploitation of the bug in the "wild" until the manufacturer or developer creates a fix or patch that renders the exploit ineffective.
You are here
I've seen a lot of board rooms over the last 18 years and have met with boards of directors for companies with as few as 100 employees and companies with as many as 50,000 employees. In every one of these meetings, I've been asked the inevitable, arguably rhetorical question, "Are we secure yet?"
“Dear password, we’ve been together for over 28 years now. As a matter of fact, you were my first authentication mode. You made sense at one point in my life when I needed something that simply just worked. Now, you aren’t enough for me ; I need more — something you can’t offer. It’s time for me to move on and leave you in my past. We grew up together since telnet; we worked perfectly together with Secure Shell (SSH), even though at the time there were better alternatives, such as keys. But now, I’ve sat back for too long now and watched others abuse you, and I love you too much to watch people treat you like you’re nothing but password123 or letmein.”
- Love always, Alissa Knight
Aite Group’s inaugural Financial Crime Forum was held in Charlotte, North Carolina, last month. This annual forum is dedicated to improving financial crime fighting efforts in the financial services industry. The forum consisted of panel discussions led by industry experts from both vendors and financial services organizations; they addressed fraud and anti-money laundering (AML) best practices that are being implemented at financial institutions (FIs). Improvement efforts were often focused on new software automation processes and the successful results obtained through the use of new technologies.