Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Vendor email compromise is a troubling new trend in which fraudsters use hijacked employee email accounts to target not just one company, but entire supply chain ecosystems. [Read More]
Bed Bath & Beyond says the accounts of less than 1% of its customers have been hacked in an attack that involved credentials obtained from third-party breaches and password reuse. [Read More]
U.S. fast-food restaurant chain Krystal is investigating a payment card breach that appears to impact at least 200 of its locations. [Read More]
Malwarebytes has found sufficient evidence to suggest that Magecart 5 is really the APT group known as Carbanak. [Read More]
Fake checkra1n iOS jailbreak used as part of a sophisticated click fraud scheme that could pave the way for far more malicious actions. [Read More]
Anthony Tyler Nashatka, aka psycho, appeared in a US federal court on charges related to his involvement in a scheme aimed at defrauding victims of at least $1.4 million in cryptocurrency. [Read More]
Magecart hackers have been gathering sensitive information from thousands of online shops after compromising top ecommerce platform and service provider Volusion. [Read More]
A citizen of Singapore has been charged in the United States for a large-scale cryptocurrency mining operation performed using stolen identity and credit card information. [Read More]
Iranian Foreign Minister Mohammad Javad Zarif is denying his country would interfere with the upcoming U.S. presidential election and says his government doesn’t have a preference in the race. [Read More]
A large number of spam messages recently sent by the same botnet were observed featuring randomized headers and even different templates, with some emails resembling phishing. [Read More]
FEATURES, INSIGHTS // Fraud & Identity Theft
When it comes to cybercrime, the police really can’t and aren’t going to protect residents of your town. The same goes for all towns and cities. Unless you’re talking a high six-figure theft, it's unlikely an officer will be assigned to your case.
The holiday season is a time of giving. But savvy security and technology professionals such as yourselves know, both during the holidays and year-round, that not all giving is good.
No more fertile ground for security breaches exists in the United States than our colleges and universities. A higher education student database is an identity thief’s dream come true.
Cooperation in the underground economy could enable a fraudster in Russia who masters the art of phishing to team up with another fraudster who already has the infrastructure of cashing out compromised online banking accounts of US banks.
Companies are increasingly seeing the benefits of using social technologies both for internal and external purposes. What is the security impact of this trend? What should security teams think about?
To maximize profits, fraudsters need to do a lot of learning. They can either learn techniques of areas they haven't focused on yet, learn better techniques in the field they already specialize in, or learn new cover stories to improve the techniques they already use.
The worlds of counter terrorism and fraud prevention should increase their ties. Systems that are already implemented in one world may be applied to the other. Solution providers and policy makers from both worlds need to meet up and share ideas, thoughts and experience for the benefit of both.
A bank that will fail to give fraud departments the power to make the necessary changes to its internal processes, may end up in a situation where everyone knows how and why fraudsters are stealing money from their bank – yet nothing can be done to stop it.
Some newer POS systems in the US have built-in authentication systems designed to protect merchants against the addition of fraudulent PIN pads. Should PCI now require retail businesses to upgrade to newer and better technology?
Unlike real-world dumpster diving, "electronic dumpster diving" can enable cybercriminals to access all the documents currently held by the user, not just those that were thrown away.
SecurityWeek Daily Briefing
- Russian 'Gamaredon' Hackers Back at Targeting Ukraine Officials
- Vulnerabilities Found in Aviatrix Enterprise VPN
- Facebook Sues Chinese Company Over Ad Fraud
- Panorays Raises $15 Million in Series A Funding Round
- Weidmueller Patches Critical Vulnerabilities in Industrial Switches
- U.S. Authorities Take Action Against 600 Money Mules
- VMware Patches ESXi Vulnerability That Earned Hacker $200,000
- North Korean MacOS Malware Adopts In-Memory Execution
- VPN Connection Hijacking Vulnerability Affects Linux, Unix Systems
- US Indicts 'Evil Corp' Hackers With Alleged Russian Intelligence Ties
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy