The Defense Advanced Research Projects Agency has awarded Georgia Tech a $2.9 million grant to develop a process for quickly identifying and then defending against low-volume DDoS attacks, which are far more common than high-volume attacks but can be just as disruptive.
The FTC and FCC have launched security investigations of mobile device makers and wireless carriers, citing growing concerns over vulnerabilities that threaten "the security and integrity" of these products and services. The regulators are examining how security patches are distributed.
Close on the heels of the QNB leak, the same attackers have published data that appears to be from UAE-based InvestBank. The dump appears to contain payment card data, as well as a large number of sensitive, internal files relating to the bank's employees and systems.
Anonymous is threatening global banks with 30 days of distributed denial-of-service attack disruptions and temporarily disrupted the Bank of Greece website as a preview. Security experts say all banks should take the DDoS threat seriously.
Following a massive data leak, Qatar National Bank has confirmed that its systems may have been hacked. A group with Turkish ties has claimed credit for the attack and reportedly threatened to release information from a second bank hack.
Because of his "substantial assistance" to federal prosecutors, the mastermind behind the Gozi banking Trojan will serve no additional prison time, but will pay nearly $7 million for forfeiture and restitution linked to the tens of thousands of bank accounts compromised by Gozi.
Just six months after law enforcement agencies coordinated a takedown to disrupt online banking credential theft linked to the banking Trojan Dridex, the malware has re-emerged with new attack tactics and new targets, researchers say. U.S. bank accounts and businesses are now primary targets.
In the aftermath of the settlement of banks' post-breach lawsuit against Target, one financial institution is now suing Wendy's seeking to recoup breach-related expenses for all affected card issuers. But are the suit's claims about the impact of a lack of EMV capabilities justified?
Vladimir Tsastin, an Estonian national, has been sentenced to serve more than seven years in prison and pay a $2.5 million fine after pleading guilty to running a $14 million click-fraud scheme with more than 4 million victims across 100 countries.
The House of Representatives has unanimously approved the Email Privacy Act, which would require law enforcement to obtain a warrant before compelling third-party service providers to surrender their customers' email and text content. The measure now goes to the Senate, where it has bipartisan support.
Qatar National Bank has suffered a massive breach involving 1.4 GB of sensitive internal files being dumped online by unknown attackers. Experts say customers' records, access credentials and payment card data have been exposed.
In an alert to banks, SWIFT warns that it's seen repeat attempts by hackers to subvert its messaging system, which banks around the world use to move money. It's released a "mandatory" software update to help customers identify signs of attack.
A report that the $81 million Bangladesh Bank heist was linked to customized malware has raised questions about the security of SWIFT transactions. But the more critical issue, fraud experts say, is the need for banks to have proper security controls in place to detect and prevent network intrusions.