The FBI has arrested another alleged member of the FIN7 cybercrime gang, which has been stealing millions of payment cards and other financial data since at least September 2015. It's the fourth arrest of those tied to the group.
The surge in e-commerce as a result of the COVID-19 pandemic means more payment card transactions - and more card fraud, says Jordan McKee of 451 Research, who discusses the latest trends.
Anubis, one of the most potent Android botnets, apparently is getting a refresh a year after its source code was leaked, security researchers say. The changes could help fraudsters more closely monitor activity on hacked devices.
The latest edition of the ISMG Security Report analyzes the many challenges involved in developing and implementing contact-tracing apps to help in the battle against COVID-19. Also featured: A discussion of emerging privacy issues and a report on why account takeover fraud losses are growing.
Cybercriminals are hiding malicious JavaScript skimmers in the "favicon" icons of several ecommerce websites in an effort to steal payment card data from customers, researchers at Malwarebytes say.
Five suspected members of the InfinityBlack hacking group have been arrested, and authorities in Europe say they've seized two databases with more than 170 million entries, including combinations of stolen usernames and passwords.
Krista Tedder of Javelin Strategy analyzes key findings from a new report on identity fraud that shows that while account takeover incidents are decreasing, losses are growing.
A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.
Microsoft has pushed out a patch for a vulnerability in its Teams collaboration platform that could allow an attacker to take over an organization's accounts through the use of a weaponized GIF image.
Expectations of online businesses have never been higher. Customers expect frictionless and personalized experiences, while demanding evermore streamlined registration processes. And if they don't get them, they'll take their business elsewhere.
Resultantly, businesses are experiencing a profound tension. How do you...
Designing Security as a User Experience
The ongoing battle between attackers and defenders have left valid users caught in the middle. Protecting user accounts with aggressive security policies leads to false positives and needlessly locks valid users out of their account, while lenient security policies lead to...
Users - One of the Weakest Links in Your Cybersecurity Strategy
They say 'it's all about who you know' - for cybersecurity, that's partially true. If a cyberattacker knows your users, there's a good chance they can get into your network. Why? Because they can take what they know - usually an email address or...
The FBI has arrested a Russian national for allegedly helping an international cybercriminal gang launder its money by turning cash into bitcoin and other cryptocurrencies, according to court documents.
If you conduct business online, provide your customers and partners with secure web-access to your systems, or just have a brand worth spoofing, it is very likely your brand is already being exploited via email or the web. This attack technique has gone well beyond the big internet brands like Microsoft, ebay, and...
Emotions about the global pandemic are running high, and attackers are taking advantage. Researchers have observed criminals spreading malware by impersonating official sources, distributing malicious COVID-19 maps and trackers, and malvertising on coronavirus-related news stories.
As security professionals, we...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
