Apple is opening up its bug bounty program to all researchers, increasing the rewards and expanding the scope of qualifying products in a bid to attract tips on critical software flaws. The changes were announced at last week's Black Hat security conference in Las Vegas.
Some members of a hacking group with ties to China's government that's primarily known for its complex cyberespionage campaigns have developed a side business targeting the global gaming industry for financial gain, the security firm FireEye says.
Threat actors are increasingly targeting the APAC region for payment card fraud, according to a report from Gemini Advisory. For example, a group of hackers recently stole information on more than 1 million credit cards in South Korea. What can be done to stop the fraud?
A new variant of the Ursnif Trojan is targeting vulnerable systems in an attempt to steal banking passwords and other credentials. The malware is spreading through infected Microsoft Word documents, and it has the ability to evade advanced security filters, according to security researchers at Fortinet.
Insurer State Farm has been hit by a credential-stuffing attack designed to gain access to U.S. customers' online accounts, a company spokesperson confirms.
Since it was first spotted in January, the Baldr credential stealer has spread from Russian underground forums throughout the global gaming industry as cybercriminals look to harvest IDs as well as payment information from victims, according to a new analysis from Sophos Labs.
The Justice Department has indicted two men on charges of paying more than $1 million in bribes to AT&T employees who helped plant malware on the carrier's network and access the company's internal systems. The complicated scheme involved unlocking 2 million smartphones from AT&T's network, prosecutors say.
A confidential, leaked UN report warns that North Korea has funneled an estimated $2 billion - stolen via online bank and cryptocurrency exchange heists as well as generated via cryptocurrency mining - into its nuclear and missile-development programs.
The hacking subculture has been emboldened by a lack of prosecutions for cybercrime worldwide, says Tom Kellermann of Carbon Black, who addresses the evolving threat landscape.
More lawsuits have been filed in the wake of the Capital One breach that exposed the data of more than 100 million individuals. GitHub is also a target of one of those lawsuits, which alleges the code-sharing site failed to promptly remove breached data.
A new strain of ransomware called MegaCortex is beginning to fill part of the void left by GandCrab and other variants that have been discontinued, targeting large corporations with huge ransom demands, according to a new analysis released Monday by Accenture's iDefense.
Capital One's enormous data breach is a subject of intense scrutiny as well as fear. A definitive post mortem is likely months away. But security professionals have ideas as to how the breach was achieved and the weaknesses that led to it.
The latest edition of the ISMG Security Report analyzes the root causes of the Capital One data breach. Also featured: breach remediation advice and compliance with New York's new third-party risk management requirements.
A newly discovered vulnerability in Visa's contactless payment cards could allow fraudsters to bypass payment limits of 30 British pounds ($37) at U.K. banks, according to researchers at Positive Technologies, who claim the vulnerability could be exploited in other countries as well.
A federal judge has granted preliminary approval for a $74 million settlement of a consolidated class action lawsuit against health insurer Premera Blue Cross stemming from a 2014 data breach that affected 11 million individuals. More money will go to security enhancements than to victim reimbursement.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.