Decommissioned domains that were part of the pervasive Magecart web-skimming campaigns are being put to use by other cybercriminals who are re-activating them for other scams, including malvertising, according to researchers at RiskIQ.
Russian national Andrei Tyurin, who was extradited last year from Eastern Europe to the United States, has stated that he plans to accept a plea deal he's reached with federal prosecutors. Tyurin has been charged with numerous crimes, including hacking JPMorgan Chase and stealing 83 million customer records.
An unsecured database owned by an Ecuadorian consulting company left over 20 million records on the South American country's citizens exposed to the internet, according to a report from two independent security researchers. An official investigation is underway.
One of the three Ukrainian men charged with leading the notorious Fin7 hacking group, which prosecutors say stole 15 million payment cards, has pleaded guilty to two federal charges.
A global law enforcement operation has resulted in the arrest of 281 suspects allegedly involved in business email compromise scams. The announcement comes on the same day as the FBI's Internet Crime Complaint Center says that losses from BEC scams have hit $26 billion and are continuing to rise.
Researchers at Kaspersky discovered malware hiding in advertising within a recent version of the popular CamScanner app for Android smartphones. Over the years, the app has been downloaded over 100 million times from the Google Play store.
A new variant of the TrickBot banking Trojan is enabling attackers to conduct SIM swapping schemes against Verizon Wireless, Sprint and T-Mobile customers in the U.S., potentially paving the way for account takeover fraud, according to a report from Dell's SecureWorks division.
In a series of recent attacks attributed to the umbrella criminal group known as Magecart, malicious JavaScript code was injected into over 80 e-commerce websites to steal credit card and other customer data, according to a new report from the security firm Arxan, which highlights the sites' vulnerabilities.
The payment card industry needs to do more to tackle the rising problem of fraud, says information security expert William H. Murray, pointing to the new Apple Card - which lacks the card number printed on it - as an example of how the industry must evolve. But numerous cultural challenges remain, he says.
After two months of inactivity, the notorious Emotet botnet is poised to start delivering malicious code again; active command-and-control servers have been spotted in the wild, researchers at the security firm Cofense warn.
"Silence," a Russian-speaking criminal group that has stolen $4.2 million from ATMs and financial institutions since 2016, has become more active this year, using new tools and tactics in its attacks and expanding its reach globally, according to the security firm Group-IB.
For at least half a decade, HSBC helped to wash hundreds of billions of dollars for drug mobs, including Mexico's Sinaloa drug cartel, as well as move money for terrorist organizations linked to Al Qaeda and Hezbollah and for Russian gangsters. Furthermore, HSBC helped countries like Iran, the Sudan and North Korea...
A little over a week after a breach at Capital One was revealed, more U.S. lawmakers are raising questions about what happened at the bank, including what role, if any, Amazon may have played in opening the door to the intrusion.
Protecting your enterprise from breaches and account takeovers has never been a bigger challenge. New tools make it possible for even unsophisticated actors to perform advanced, widespread attacks that put your organization at risk. According to the 2019 Verizon Breach Report, stolen credentials are the leading attack...
FIN8, a hacker group that targeted POS devices in the hospitality and retail sectors, is back on the scene with new malware, including the Badhatch backdoor that's designed to steal payment card data, according to researchers with Gigamon's threat detection unit.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
