A global law enforcement operation has resulted in the arrest of 281 suspects allegedly involved in business email compromise scams. The announcement comes on the same day as the FBI's Internet Crime Complaint Center says that losses from BEC scams have hit $26 billion and are continuing to rise.
Cybercrime is surging thanks, in part, to the availability of inexpensive hacking tools and services. A recent look by security firm Armour at black market offerings finds stolen payment card data, RDP credentials, ransomware and DDoS services are widely available for sale.
A "zero trust" security model makes it easier to manage application access and protect against malicious users, but the rollout of the model must be managed in a very organized way, says Mani Sundaram, CIO and EVP, Global Services and Support, at Akamai Technologies.
Facebook and Twitter have suspended a number of accounts and pages that they have tied to information operations being run by the Chinese government. Disinformation has targeted pro-democracy demonstrators in Hong Kong - likening them to cockroaches - while dismissing anti-Beijing sentiment as "fake news."
The Monetary Authority of Singapore, the nation's central bank, has mandated that financial institutions comply with risk management guidelines within the next 12 months in an effort to strengthen the cyber resilience of these organizations.
The cause of Capital One's breach is known. But experts say the incident still raises questions over why Capital One held onto personal data so long and if the bank was adequately monitoring administrator accounts.
JPMorgan Chase researchers have published a new paper describing their efforts at developing a novel "early warning" system based on artificial intelligence algorithms that can detect malware, Trojans and other advanced persistent threats before the phishing campaign that targets the bank's employees even starts.
A Seattle-area woman has been charged with accessing tens of millions of Capital One credit card applications after allegedly taking advantage of a misconfigured firewall. The incident is likely to increase calls for better corporate caretaking of sensitive consumer data.
National Australia Bank says it is contacting 13,000 customers after personal account data was uploaded without authorization to two data service providers. The bank, which apologized, says the data has been deleted and was not disclosed further.
When leveraging AI and machine learning to drive banking innovations, it is essential to take a structured approach in implementing security-by-design for conducting proper risk assessment of the organizations and people involved, says Sameer Ratolikar, CISO, HDFC Bank
Fraudsters continue to get new tricks up their sleeves. Criminals are increasingly using Apple Pay, setting up mobile call centers to socially engineer victims as well as tricking consumers via fake e-commerce sites that never fulfill orders, fraud-fighting experts warn.
Authorities in Bangladesh are investigating hacker attacks against at least three banks in that nation last month. Dutch Bangla Bank Ltd. lost as much as $1.4 million in an attack, which apparently involved planting malware in an ATM switch, according to news reports.
WhatsApp, the messaging service owned by Facebook, says it's ready to launch its digital payment services, WhatsApp Pay, in India following its beta test. But the Supreme Court says WhatsApp first must comply with RBI's data localization requirements.
Many corporate boards of directors in India have made progress in recognizing cybersecurity as a priority. But clearly, they still have a lot of work to do. Panelists at a recent ISMG summit in Bengaluru offer insights.
Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details. In a recent twist, Malwarebytes spotted a malicious iFrame that steps in front of the normal payment process to intercept card details.