Two Russian men have been charged with stealing more than $100 million from banks around the world using the notorious Dridex malware, according to an unsealed U.S. indictment that caps off a decade-long investigation led by American and British law enforcement agencies.
"We can see criminals are moving up the financial value chain from attacking lots of targets with smaller rewards to smaller numbers of targets with higher rewards," says Ho.
What are the key mobile security threats to financial organizations, and how are these enterprises marshalling their mobile threat defense? These were the questions posed by ISMG and Wandera to security leaders in San Francisco. Wandera's Michael Covington discusses the response.
Adobe says its e-commerce Magento Marketplace has been breached, exposing usernames, email addresses and more. The software giant has yet to detail how many users were affected or the breach duration. Unfortunately, the stolen data could be used to fuel phishing attacks.
South Korean cryptocurrency exchange Upbit says hackers have stolen $49 million worth of ethereum, in what is the year's seventh major cryptocurrency heist. Much of the $158 million stolen so far this year is likely fueling the North Korean regime's appetite for luxury goods and weapons of mass destruction.
Twitter users no longer have to supply a phone number in order to use two-step verification for authentication. The move will better protect accounts from SIM hijacking attempts and also means users don't have to sacrifice some of their privacy to enable a security feature.
The Reserve Bank of India will soon begin accepting applications from retail payment firms to be the first to test products under its Regulatory Sandbox initiative.
The notorious Joker's Stash cybercrime marketplace, which specializes in selling stolen payment card data, has a new listing for 1.3 million credit and debit cards, almost all of which appear to have been issued by Indian banks, reports threat intelligence firm Group-IB.
The Cyber Security Agency of Singapore has come up with an operational technology and cybersecurity master plan aimed at building a secure and resilience ecosystem to protect critical infrastructure. But will implementation prove feasible?
Delayed enforcement of the "strong customer authentication" requirements for online transactions under the European Union's PSD2 regulation is hampering efforts to enhance security. That's why the European Banking Authority should act quickly to develop a new timeline.
As a perennial favorite target for thieves, payment fraud tends to give threat actors access to great reward. Moreover, as security evolves, so does the threat.
Join Gord Jamieson, head of Visa Canada's risk services, as he examines:
the revolution of payment security;
the evolving nature of fraud;
growth in...
Russian national Andrei Tyurin pleaded guilty to perpetrating massive hack attacks against leading U.S. financial services firms and others from 2012 to mid-2015. Victims included JPMorgan Chase, from which he stole details of 83 million customer accounts.
A global law enforcement operation has resulted in the arrest of 281 suspects allegedly involved in business email compromise scams. The announcement comes on the same day as the FBI's Internet Crime Complaint Center says that losses from BEC scams have hit $26 billion and are continuing to rise.
Cybercrime is surging thanks, in part, to the availability of inexpensive hacking tools and services. A recent look by security firm Armour at black market offerings finds stolen payment card data, RDP credentials, ransomware and DDoS services are widely available for sale.
A "zero trust" security model makes it easier to manage application access and protect against malicious users, but the rollout of the model must be managed in a very organized way, says Mani Sundaram, CIO and EVP, Global Services and Support, at Akamai Technologies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.
