Records of more than half a million customers of a lending service owned by India's largest private sector bank are apparently downloadable for free on a criminal data breach forum. HDFC Bank says it detected a data breach at one of its service providers that processes customer information.
Here's further proof many cybercriminals are rampant self-promoters: Credit card market BidenCash, which sells compromised payment card data, dumped 2 million payment cards for free. This shows that competition between carder markets - and increasingly, Telegram-based vendors - is fierce.
The Biden administration's national cybersecurity strategy emphasizes bolstering critical infrastructure sector protections, including setting minimum security requirements and enhancing collaboration. But observers says the industry needs more resources and a better security posture to comply.
The Royal ransomware group targeting critical infrastructure in the United States and other countries is made up of experienced ransomware attackers and has strong similarities to Conti, the infamous Russia-linked hacking group, according to a new alert issued by U.S. authorities.
Eset researchers discovered the first in-the-wild bootkit malware, BlackLotus, bypassing security and booting up on fully up-to-date Windows 11 systems. Researchers found the Unified Extensible Firmware Interface bootkit in 2022, being sold on hacking forums for $5,000.
A Georgia man who is the chief operating officer of a network security firm can't escape criminal charges related to a 2018 cyberattack against a local medical center. Vikas Singla faces 18 charges of illegal hacking, including 15 charges for disrupting a Lexmark printer network.
In this week's roundup: an incident affecting News Corp and ransomware at Dish Network, Washington's Pierce Transit and the U.S. Marshals Service. Also: a DDoS attack on Danish hospitals from a threat actor that isn't what it claims and a bit of good news about a ransomware decryptor.
The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations and liability for poor software development practices.
Identity Security is more critical than ever before in today’s modern business. But finding the right solution can be a monumental task. Cybersecurity decision makers must consider several key requirements to ensure they choose the right solution.
In this buyer’s guide to privileged access management, learn...
Security researchers uncovered an investment scam network that draws on an online infrastructure of hundreds of hosts and thousands of domains to target primarily Indian victims by impersonating Fortune 100 companies. Most payment amounts defaulted to Indian rupees.
Your adversary usually relies on stealth, getting in and out without leaving a trace. Ransomware would seem to be the exact opposite. It is designed to be 100% visible to the victim: a ransom note, and an inaccessible computer. But this is only true about the attack payload.
The key to stopping ransomware isn’t...
A campaign targeting government entities in the Asia-Pacific and North America regions with an info stealer hosted on a Discord server shares infrastructure with a campaign that used Microsoft OneNote to deliver malware. Menlo Security says the unknown threat actor doesn’t seem to be a major player.
The Asia-Pacific region had the dubious distinction of being the global region that faced the most cyberattacks during 2022, as observed by IBM's threat intelligence platform. IBM says the region accounted for 31% of all incidents monitored during 2022.
Tools such as image analysis are of little help to banks dealing with check fraud since, most of the time, checks that are deposited are legitimate, says Karen Boyer, senior vice president for financial crimes at M&T Bank. She says the best way to deal with this fraud is to closely monitor accounts.
Cybercrime experts have long urged victims to never pay a ransom in return for any promise an attacker makes to delete stolen data. That's because, as a recent case highlights, whatever extortionists might promise, stolen personal data is lucrative, and it often gets sold six ways from Sunday.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
