Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.
While most payment card skimming attacks zero in on ecommerce sites for consumers, a newly discovered attack targeted PlayBack Now, an online video conferencing firm, Malwarebytes reports.
From Friday through Monday, malicious JavaScript skimming code was injected into nearly 2,000 e-commerce sites that were running an older version of Adobe's Magento software, possibly resulting in the theft of payment card data, according to Sanguine Security.
Visa's payment fraud disruption team is warning of a recently uncovered digital skimmer called "Baka" that is stealing payment care data from e-commerce sites while hiding from security tools.
A flaw in how contactless cards from Visa - and potentially other issuers - have implemented the EMV protocol can be abused to bypass PIN verification for high-value transactions, ETH Zurich researchers warn. But Visa says the exploits would be "impractical for fraudsters to employ" in real-world attacks.
Some payment card fraud detection systems that rely on artificial intelligence are now less effective because of changes in consumers' habits during the COVID-19 pandemic, says Rene Perez of Jack Henry & Associates, who offers insights on needed adjustments.
Some fraudsters are now using the encrypted instant messaging app Telegram as a fast and easy way to steal payment card data from ecommerce sites, according to an analysis from Malwarebytes.
BREAKING DOWN THE NEW TRENDS IN ONLINE EXTORTION THREATS
Ransomware is one of the fastest-growing threats in cybersecurity, with damages predicted to crest $20 billion globally by 2021, up from "only" $345 million* in 2015.
This paper explains the evolution of ransomware by breaking down the new trends in online...
Implementing an adaptive, risk-based authentication process for remote system access is proving effective as more staff members work from home during the COVID-19 pandemic, says Ant Allan, a vice president and analyst at Gartner.
The IcedID banking Trojan has been updated with additional evasion techniques, including a password-protected attachment, keyword obfuscation and a DLL file that acts as a second-stage downloader, according to Juniper Threat Labs.
The number of banking Trojans targeting users of mobile devices doubled in 2018. Cybercriminals are now investing more time and money than ever in attacking the mobile channel. To combat this, banks and FIs need to empower their mobile app developers with effective, efficient tools to apply proactive, client-side...
Chaos ensued when miscreants interrupted a virtual bail hearing on Wednesday for the suspected Twitter hacker, hijacking the feed with screams, chatter and, for a few brief seconds, pornography. The meeting details were public, and the meeting had not been password protected.
A member of the infamous Infraud Organization who was the creator of a malware strain called FastPOS has pleaded guilty to a federal conspiracy charge. Valerian Chiochiu assisted other cybercriminals through the Infraud site before authorities shuttered it in 2018, prosecutors say.
The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.
The latest edition of the ISMG Security Report analyzes the hacking of high-profile Twitter accounts. Also featured: Addressing security when offices reopen; the role of personal protective equipment, or PPE, in money laundering during the pandemic.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
