A former vice president of a personal protective equipment packaging firm has been sentenced to prison and ordered to pay restitution for sabotaging the company's electronic shipping records during the COVID-19 pandemic - causing delays in deliveries - after he was terminated from his job.
Security researchers at Imperva have uncovered a botnet that attacks vulnerabilities in websites' underlying content management systems and then uses these compromised servers to mine for cryptocurrency or send spam to more victims.
Fraudsters operating an election-themed phishing campaign have tweaked their malicious landing pages to harvest more information, including banking credentials, account data and vehicle identification information, Proofpoint reports.
"Cybercrime is an evolution, not a revolution," says Europol's Philipp Amann, who oversees the EU law enforcement intelligence agency's annual study of the latest cyber-enabled crime trends. Ransomware, social engineering and the criminal abuse of cryptocurrency and encryption are some of the top threats.
The IRS Criminal Investigation Cyber Crimes Unit is waging a battle against the use of cryptocurrency for financing terrorists and other money-laundering activities. Agents Chris Janczewski and Jon Gebhart describe recent cryptocurrency-related takedowns.
Microsoft and its partners are continuing to put pressure on the Trickbot malware operation, eliminating an estimated 94% of its infrastructure. But some security researchers warn that the botnet's operators are developing workarounds to re-establish its infrastructure, enabling the group to resume its activities.
MAXEX, a company that develops a digital trading platform for the secondary mortgage market in the U.S., leaked 9 GB of internal documentation as well as full mortgage applications for 23 individuals. The data was released by a Swiss-based developer who apparently was unaware it was sensitive.
To help prevent fraud, banks must leverage technologies such as behavioral analytics, device biometrics and one-time passcodes, says Nancy Guglielmo, senior vice president at the Bank Policy Institute.
A international law enforcement operation involving 16 countries has resulted in the arrest of 20 individuals suspected of belonging to the QQAAZZ criminal network, which helped launder cash and cryptocurrency for other cybercriminals.
The Joker's Stash darknet marketplace has posted a fresh collection of 3 million credit cards that are likely related to a breach of the Dickey's Barbecue Pit chain of franchised restaurants, according to Gemini Advisory.
Criminals have been seeking innovative new ways to steal cash from ATMs. In the U.S., there has been a surge in physical attacks, while Europe has seen a sharp increase in "black box" attacks designed to make ATMs dispense cash on demand.
A newly identified financially motivated threat group, dubbed "FIN11," is deploying Clop ransomware and exfiltrating data from its targets for extortion efforts, according to researchers at FireEye Mandiant.
As new payment trends emerge, such as the surge in ecommerce during the COVID-19 pandemic, payment card standards also must change, says Jeremy King of the PCI Security Standards Council, who will be a featured speaker at ISMG's Virtual Cybersecurity and Fraud Summit: London on Oct. 20.