Before the newly spotted AxLocker ransomware crypto-locks systems, it steals Discord tokens, which can be sold on cybercrime markets. Among Discord's many users are cryptocurrency and NFT enthusiasts, and experts say the stolen credentials facilitate attempts to socially engineer them.
As they turn their attention to identity-focused attack surfaces, threat actors are identifying on-premise and cloud-hosted Active Directory (AD) environments as primary targets.
For most enterprises, AD is the central repository for all accounts and systems within the network, and it is responsible for all...
Banks are getting better at catching a wide range of scams targeted at customer accounts, but they are still struggling with stopping authorized payment fraud through peer-to-peer payment companies such as Zelle, says David Pollino, former divisional CISO with PNC Bank.
Trade-related services resumed Monday at Central Depository Services Ltd. in India, days after trading was suspended during a cyberattack Friday. All pending trades have now been settled, though brokers report some continued IT issues. The service says it appears that no data has been compromised.
On the heels of the recent FTX financial meltdown came the theft of millions of dollars that left thousands of investors, exchanges and others in the lurch. Hugh Brooks of CertiK shares the status of data that FTX stores, the role of regulations and best cybersecurity practices for crypto exchanges.
On the heels of the recent FTX financial meltdown came the theft of millions of dollars that left thousands of investors, exchanges and others in the lurch. Hugh Brooks, director of security operations at CertiK, shares how the funds may have been stolen and what happens next.
The United Kingdom and many other countries are considering ways to make banks liable for authorized payment fraud and lift the burden from millions of victims of online scams. Trace Fooshee, strategic adviser at Aite-Novarica Group, shares his views on why this might not be such a great idea.
Hacktivists fighting a proxy online battle against Russia after its invasion of Ukraine claim to have dumped online a trove of files from the Central Bank of Russia. The IT Army of Ukraine also claimed to have disrupted payments processing at Moscow's Alfa Bank.
A French-speaking gang codenamed "Opera1er" has been tied to the theft of at least $11 million from dozens of victims - mainly banks in Africa - and remains "active and dangerous," cybersecurity researchers warn, as they release indicators of compromise to help potential victims protect themselves.
The latest edition of the ISMG Security Report discusses how Australian health insurer Medibank is deliberating on whether to pay a ransom to extortionists, analyzes the growing number of layoffs in the security vendor space, and shares a tribute to threat intelligence researcher Vitali Kremez.
All employees should consider upholding the security of the organization part of their job regardless of their official role at the company, says Equifax Business Information Security Officer Michael Owens. But creating an organization-wide cybersecurity culture is easier said than done.
With fraudsters evolving their tactics and tricking a growing number of people with authorized payment scams, it's time for banks and security solution providers to explore new ways to protect consumers who are left holding the bag, says Ian Mitchell, managing partner at Omega FinCrime.
Fallout from the hack of Australian health insurer Medibank continues to worsen as the company twice this week acknowledged a wider set of affected individuals. Hackers had access to the personal data of 4 million individuals and significant amounts of health claims data.
Since Zelle fraud has increased 109% in the United States, the banking industry is struggling to reduce authorized push payment scams. Ken Palla, former director at Union Bank, shares tips for combating fraudsters, including delays on large transactions, education and behavioral analytics.