In the latest incident, an attack targeted about 200 online campus stores in the U.S. and Canada, Trend Micro reports. But this attack apparently was waged by a new group.
Cybercriminals have stolen customer data from Citycomp, a German IT company whose clients include Oracle, Volkswagen, Airbus, Ericsson, Toshiba British Telecom and many others. After Citycomp didn't pay a ransom, the hackers posted the data online.
The impact of chargeback rates is abundantly clear and easily measurable, but the financial impact of false declines - rejecting perfectly good customers over fear of fraud - is largely underestimated. In reality, these
mistakes, which are all too common but difficult to track, end up costing merchants significantly...
Fraud is scary, and there are many valid reasons for retail merchants to decline suspicious transactions in the name of fraud prevention. But often, in the quest to avoid abuse, risk-averse vendors take defensive measures too far. According to industry data, the average merchant loses 5.5% of their revenue to false...
TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report.
Account Takeover (ATO) attacks are one of the fastest growing and prevalent problems for most organizations. According to a recent Forrester report, ATO attacks caused at least $6.5 billion to $7 billion in annual losses across financial services, insurance, eCommerce and other industries.
Download this whitepaper...
For at least half a decade, HSBC helped to wash hundreds of billions of dollars for drug mobs, including Mexico's Sinaloa drug cartel, as well as move money for terrorist organizations linked to Al Qaeda and Hezbollah and for Russian gangsters. Furthermore, HSBC helped countries like Iran, the Sudan and North Korea...
U.S. CERT has issued a fresh warning about a newly discovered Trojan called Hoplight that is connected to a notorious APT group with links to North Korea. The malware has the ability to disguise the network traffic it sends back to its originators, making it more difficult to track its movements.
Application fraud losses are projected to top $1.3B in the US by 2020. Understanding the trends behind these staggering numbers is critical if institutions are to prevent crippling financial and reputational losses.
Join Aite's Senior Analyst, Shirley Inscoe, and DataVisor's Director of Solution Engineering, Alex...
CISOs and other security leaders know they can't find and fix every vulnerability. Yet, that's what's expected. So, what can you do?
The short answer: Work smarter, not harder. To do that, you need to reduce the vast universe of potential vulnerabilities down to a subset of the vulnerabilities that matter...
Distinguishing nation-state attacks from organized crime continues to grow more difficult because some attackers wear both hats, a Europol official reports. Further complicating the picture: Young attackers enjoy access to ever-more sophisticated and inexpensive tools and services.
Script-based payment card malware continues its successful run, impacting a range of e-commerce sites, security researchers warn. With fraudsters continuing to refine their tactics, countering card-sniffing scripts continues to be difficult.
The notorious carder site Joker's Stash is featuring a fresh batch of Pakistani banks' payment card data with an estimated street value of $3.5 million. Nearly all of the 70,000 bank cards are advertised as being from Meezan Bank, the country's largest Islamic bank, Group-IB reports.
This Valentine's Day, authorities are once again warning individuals to watch out for anyone perpetrating romance scams. The FTC says Americans lost $143 million to romance scams in 2017, while in the U.K., Action Fraud says reported romance scam losses in 2018 topped $64 million.
The latest edition of the ISMG Security Report features a summary of alarming new findings about the ability of the U.S. to counter a nation-state malware attack. Plus, a discussion of "fusion centers" at banks and an update on the targeting of Webstresser subscribers.