The University of California San Francisco says it paid a $1.14 million ransom earlier this month to obtain decryptor keys to unlock several servers within its school of medicine that were struck with ransomware.
Is the Fxmsp hacking operation still in business? Experts say Fxmsp earned $1.5 million in illicit profits, thanks to a botnet-based business model that enabled the group to sell remote access to hacked networks. But then it advertised source code allegedly stolen from three anti-virus vendors.
How long does it take to become a reliable, trusted seller in the cybercrime-as-a-service ecosystem? For the Fxmsp hacking collective, experts say the answer is about a year. The group built a botnet that facilitated network intrusions and data exfiltration, but it was driven off cybercrime forums.
A Russian national charged in connection with co-creating the Infraud Organization's online cybercrime forum that sold stolen payment card data and was tied to $530 million in fraud losses has pleaded guilty.
Aleksey Burkov, who operated a site called "Cardplanet" that trafficked in stolen payment card data used to make millions of dollars in fraudulent purchases, has been sentenced to nine years in federal prison. His case also involved high-level negotiations between the U.S., Russia and Israel.
Eight U.S. cities recently had payment card data stolen via point-of-sale skimming malware on their Click2Gov online payment platforms, according to Trend Micro, which says five of those cities had already been victims of similar Magecart-style attacks in recent years.
A man from the state of Washington has been sentenced to 13 months in federal prison for his role in developing the Satori botnet, which was used to conduct several large-scale DDoS attacks. The Justice Department also unsealed indictments naming co-conspirators.
This edition of the ISMG Security Report analyzes whether IoT devices will outlive their security updates. Also featured: Why security spending needs to shift further upstream; could banks be custodians of identity?
Troy Leach of the PCI Security Standards Council discusses how the shift to card-not-present transactions during the COVID-19 pandemic has created new fraud-fighting challenges and offers an update on pending standards revisions.
The U.S. Department of Justice unsealed a superseding indictment against WikiLeaks founder Julian Assange that expands the scope of the government's case against him. Federal prosecutors now allege that Assange conspired with the Anonymous and LulzSec groups to obtain classified information to publish.
A hacking group dubbed CryptoCore has stolen more than $200 million in virtual currency from several cryptocurrency exchanges over the past two years, the security firm ClearSky Cyber Security reports.
Compromised Credentials Monitoring (CCM) allows users to monitor exposure of compromised credentials for their enterprise domains and customer email addresses to take action after breaches to mitigate risk of account takeover (ATO). Flashpoint's advanced technology quickly collects and processes data and credentials,...