Visa's Payment Fraud Disruption team reports that cybercriminals are increasingly using web shells to establish command and control over a retailers' servers during payment card skimming attacks.
Loving your pet and creating tough-to-crack passwords should remain two distinctly separate activities. Unfortunately, Britain's National Cyber Security Center reports that more than 1 in 6 Brits admit to using the name of a pet as their password. And the problem is global.
Crisis communications: If your organization suffers a ransomware outbreak - despite its best cybersecurity efforts - is it ready to respond quickly and transparently? Experts have lauded the Scottish Environment Protection Agency for its response, saying it's a model for other victims to emulate.
A Russian-speaking cybercriminal recently sold on a darknet forum thousands of stolen payment and gift cards that researchers at Gemini Advisory believe were taken from the now-defunct online gift card exchange Cardpool.com.
The zero-day attacks against Accellion's File Transfer Appliance show that a number of big-name firms continued to use the legacy technology - even though more secure, cloud-based options were available. Evidently, many CISOs didn't see a compelling reason to move on. Of course, now they do.
As digital payments have skyrocketed as a result of the surge in e-commerce during the pandemic, more organizations have provided feedback on enhancing EMVCo's specifications to help fight fraud, two executives with the global technical body say.
A Russian national who co-founded the Infraud Organization's online cybercrime forum, which trafficked in stolen payment card data and was tied to more than $560 million in fraud losses, has been sentenced to serve 10 years in prison.
It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that the exploit code leaked, and the question now is: Who leaked it?
Nearly four years after the WannaCry ransomware hit the world, targeting the EternalBlue vulnerability in Microsoft SMB version 1, security firms say the malware continues to be a top threat detected in the wild by endpoint security products. Why won't WannaCry just die?
In 2020, a cybercrime operation known as ShinyHunters breached nearly 50 organizations, security researchers say. And this year, it shows no signs of slowing down - it's already hacked e-commerce site Bonobo and dating site MeetMindful.
Cybercriminal gangs operating darknet stolen payment card marketplaces are scrambling to attract customers from the now-closed Joker's Stash card market, according to the security firms Kela and Flashpoint.
After being hit by SolarWinds hackers, the Administrative Office of the U.S. Courts instructed the nation's district courts to restrict the filing of sensitive information to hard copy or "secure electronic devices." But will this defense create an even bigger bureaucratic fallout than the attack itself?
Ransomware attacks continue to pummel organizations, but fewer victims have been paying a ransom, and when they do, on average they're paying less than before, says ransomware incident response firm Coveware, which traces the decline to attackers failing to honor their data deletion promises.
Joker's Stash, the notorious underground marketplace that has specialized in the sale of stolen payment card data, is reportedly shutting down in February with its administrator claiming he will "retire" at that time, according to Gemini Advisory. Researchers say fraudsters will quickly move to other sites.
Following the discovery that attackers Trojanized SolarWinds' Orion software, expect the list of organizations that were running the backdoored network-monitoring tool to keep increasing. But with this being a suspected cyberespionage operation, attackers likely focused on only the juiciest targets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.