Until now there has been an ongoing struggle regarding who owns the money mules and scams problem – Credit Risk, AML (KYC), or Fraud Management? With liabilities shifting, ownership is clearly landing on the shoulders of Fraud Management teams. Fraud leaders must act quickly or risk losing revenue, their reputation,...
Genetics testing firm 23andme is facing intensifying scrutiny in the wake of a credential stuffing hack that leaked genetic ancestry information of potentially millions of customers. That includes at least 16 proposed federal class action lawsuits and an inquiry by a high-ranking U.S. senator.
This week: espionage group exploits a zero-day in Roundcube Webmail, Cloudflare records a surge in HTTP DDoS attacks, ZScaler detects a spike in IoT hacks, the International Criminal Court says its cyber incident was espionage and the Kansas court system still offline.
A financially motivated hacking group is becoming more aggressive, leading Microsoft to dub it "one of the most dangerous financial criminal groups." Octo Tempest is the rare English-speaking affiliate of Russian-speaking ransomware group BlackCat.
ChatGPT can craft almost perfect phishing emails in five minutes, nearly beating a social engineering team with decades of experience, the results of a "nail-biting" experiment by IBM showed. The "humans emerged victorious, but by the narrowest of margins," the report said.
Businesses don’t stand and operate alone. Organizations partner with an average of 10 third-party vendors to manage their operations. These firms include suppliers, manufacturers, service providers, software vendors, distributors, resellers, and agents.
Because of this large and diverse network of companies working...
A cyberattack on a shared IT services organization is forcing five member hospitals in Ontario to cancel or reschedule patient appointments and steer nonemergency patients to other facilities. Attacks against third-party vendors are rising, and many regional hospitals are unprepared.
Widely used password management software provider 1Password said a hacker breached had one of its systems but failed to steal any sensitive data, after stealing a valid session cookie from the customer support system of its access and identity management provider, Okta.
Spanish police arrested 34 members of a cybercrime group that used phishing and other tactics to extort nearly 3 million euros from victims. The group is believed to have stolen data of more than 4 million banking customers to target its victims.
Threat actors are exploiting another zero-day flaw in Cisco's IOS XE software to implant a malicious backdoor. The IOS XE operating system runs on a wide range of Cisco networking devices, including routers, switches, wireless controllers, access points and more.
Attorneys general across 33 states have reached settlements for three health data breaches that affected nearly 2 million people, including a $1.4 million settlement for a clearinghouse that left patient data exposed for three years. The AGs accused the firms of violating state laws and HIPAA rules.
The Clop ransomware operation's recent mass zero-day exploit of Progress Software's MOVEit secure managed file transfer software followed the criminals launching similar attacks against users of Accellion FTA, SolarWinds Serv-U and Fortra GoAnywhere.
The hacker who allegedly leaked mental health records online after breaking into a Helsinki-based psychotherapy chain's patient database has been charged in Finnish court with multiple counts of extortion and leaking data. Finnish national Aleksanteri Tomminpoika Kivimäki, 26, has denied guilt.
The FBI is warning plastic surgery practices and their patients of cybercriminals targeting their sensitive health information and medical photos for extortion schemes. The alert followed recent hacking incidents at several plastic surgery practices involving data theft.
Thousands of North Korean IT workers hid their identities to earn hundreds of millions of dollars in IT contract work from overseas companies to help finance the country's weapons development program, U.S. and South Korean agencies said. Officials said to watch for workers who are camera-shy.