The payment card industry needs to do more to tackle the rising problem of fraud, says information security expert William H. Murray, pointing to the new Apple Card - which lacks the card number printed on it - as an example of how the industry must evolve. But numerous cultural challenges remain, he says.
Patch or perish redux: Hackers are unleashing automated attacks to find and exploit known flaws in SSL VPNs manufactured by Fortinet and Pulse Secure to steal passwords. The exploits come despite both vendors having released patches several months ago - Pulse Secure in April, Fortinet in May.
After two months of inactivity, the notorious Emotet botnet is poised to start delivering malicious code again; active command-and-control servers have been spotted in the wild, researchers at the security firm Cofense warn.
U.K. authorities are attempting to seize more than $1.1 million in cryptocurrency from a notorious British hacker who carried out attacks that targeted more than 100 companies over a two-year period, according to the Metropolitan Police Service. The currency will be sold, with proceeds used to compensate victims.
The latest digital identity capabilities and fraud-fighting technologies, including greater use of machine learning and threat intelligence, enable organizations to take a bigger bite out of cybercrime, says Shaked Vax of IBM Security's Trusteer.
Where have all the hacktivists gone? While the likes of Anonymous, AntiSec and LulzSec became household names in the early 2010s, in the past three years the number of website hacks, defacements and information leaks tied to bona fide hacktivists has plummeted.
Eighty suspects, most of them Nigerian nationals, have been indicted on charges of running global business email compromise and romance scams that led to millions of dollars in fraud and allegedly involved a complex money-laundering operation.
Chinese advanced persistent threat groups are targeting cancer research organizations across the globe with the goal of stealing their work and using it to help the country address growing cancer rates among its population, according to researchers at cybersecurity company FireEye.
The latest edition of the ISMG Security Report analyzes the ransomware attack on Texas municipalities as part of a broader trend. Also featured: An initiative designed to safeguard the 2020 presidential elections and a CIO's third-party risk management efforts.
Cybercrime marketplaces Genesis and Richlogs are helping fraudsters to better impersonate legitimate users of banks, eBay, Amazon, Netflix and more by providing them with victims' legitimate "digital fingerprints" and replay tools designed to fool anti-fraud defenses.
"Silence," a Russian-speaking criminal group that has stolen $4.2 million from ATMs and financial institutions since 2016, has become more active this year, using new tools and tactics in its attacks and expanding its reach globally, according to the security firm Group-IB.
Account takeover continues to be a lucrative path for fraudsters across all industry sectors. But Scott Olson of iovation says there are different levels of defense that can be deployed, based on the risk of specific types of transactions.
Federal government agencies experienced 12 percent fewer cyber incidents in 2018, when there were no "major" data breaches, according to a new White House report. But the report notes there's still plenty of risk mitigation work to be done.
Researchers at the security firm Doctor Web have uncovered a fake website for a VPN provider that's designed to spread a Trojan that can steal credentials to bank accounts.
Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too. In Texas, officials say a campaign tied to a "single threat actor" infected 22 local government agencies on Friday.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.