Over the past year, there's been a surge in so-called Magecart attacks, which involve payment card data being stolen from e-commerce sites via injected attack code. Researchers say they are tracing at least six active Magecart groups, each with unique infrastructure, skimmers and targeting.
Hackers behind the FASTCash ATM cash-out attack campaign - tied by the U.S. government to North Korea - use Trojan code designed to exploit bank networks running outdated versions of IBM's AIX Unix operating system, Symantec warns.
While organizations have taken countless measures to strengthen the security of their online resources, criminals have begun to eye a far more appealing and lucrative target: the contact center. It's what Gartner calls "an epicenter of vulnerability."
From hard-dollar losses and added overhead to combat the...
Combating fraud is an ever-escalating arms race. If your organization is investigating anti-fraud solutions to stop fraud losses, lower false positives, or reduce manual workload, join this webinar. Our fraud experts will explain the top 10 technology requirements to consider - as well as their business impact, so you...
A tale of two different ransomware victims' responses: One Connecticut city says it had little choice but to pay a ransom to restore crypto-locked systems. But a North Carolina water utility hit separately says that rather than bow to criminals' demands, it will rebuild affected systems and databases.
An analysis of attacks against cryptocurrency exchanges over nearly two years shows hackers have inflicted $882 million in damages, according to the Russian security firm Group-IB. The tally of losses is likely to grow next year, the company warns.
A Department of Health and Human Services watchdog agency has launched a new web page to draw attention to the growing importance of its cybersecurity-related activities, ranging from security audits to fraud investigations.
A gang of North Korean government hackers, known as APT38, has stolen more than $100 million from banks in Asia and Africa via fraudulent SWIFT transfers, cybersecurity firm FireEye warns. Separately, the U.S. government says North Korea is also behind serious ATM malware cash-out attacks.
In Australia, it can take as few as 15 minutes to steal someone's phone number, a type of attack known as SIM hijacking. Such attacks are rising, but mobile operators have no plans to change the authentication required around number porting, which can be set in motion online with minimal personal information.
With the abundance of PII available on the dark web, there has been an explosion of synthetic identity fraud. Michael Lynch of InAuth discusses how device and user data can be leveraged to combat the fraudulent opening of new accounts.
In today's risk landscape, third-party risk management (TPRM) programs are becoming increasingly critical for businesses. In fact, Gartner estimates that by 2020, 75% of Fortune Global 500 companies will treat vendor risk management as a Board-level initiative to mitigate brand and reputation risk. However, there are...
Due to the volume of personally-identifiable information (PII) available on the black market as a result of high profile breaches, fraudsters can open an account with a real identity using a few key pieces of compromised information. Fraudsters have also begun creating synthetic identities by piecing together...
An in-depth look at the frequency, magnitude, and manner in which modern enterprise networks change and the risks these changes pose, across all F100 FSI organizations. We highlight different technological and organization processes, such as M&A events, cloud migration, IoT deployment, and network misconfigurations...
Russian national Andrei Tyurin, who's been accused of hacking into JPMorgan Chase's network in 2014 and stealing personal information on more than 83 million customers, has been extradited to the U.S. He was allegedly part of a group that hacked into brokerages, news firms, a risk intelligence company and others.
While tech-support scams have proliferated for years, the FBI says losses tied to such fraud are now higher than ever. Google has pledged to crack down on fake tech-support listings. But fraudsters regularly employ a variety of channels, including cold calls, pop-up windows and phishing emails.