Attackers are deploying modified MageCart malware against WordPress websites that use the WooCommerce shopping cart plug-in, says website security firm Sucuri. Hackers inject PHP and JavaScript code and hide stolen credit card numbers in .jpg files.
EMV chip technology has taken a major bite out of credit card fraud at the point of sale, but card-not-present fraud continues to flourish thanks to an age-old technology - the magnetic stripe, says Mark Solomon, international president, International Association of Financial Crimes Investigators.
TikTok CEO Shou Chew appeared Thursday before the U.S. congressional panel to defend his company against accusations that it's imperiling Americans' national security, privacy and mental health. Lawmakers pressed Chew on the company's Chinese ownership, source code and privacy practices.
Dark web merchants have been offering Russians - consumers and criminals alike - services for bypassing international sanctions that may indirectly involve U.S. financial institutions, demonstrating the need for more robust "know your customer" and anti-money laundering checks, researchers warn.
Not all ransomware groups wield crypto-locking malware. Some have adopted other strategies. Take BianLian. After security researchers released a free decryptor for its malware, instead of encrypting files, the group chose to steal them and demand ransom solely for their safe return.
A Bulgarian woman extradited to the United States for her role in a $4 billion crypto pyramid scheme adds to a growing list of law enforcement actions against perpetrators of the OneCoin Ponzi scheme. OneCoin generated $4 billion in fraudulent revenue and earned profits of close to $3 billion.
Days after federal agents arrested the alleged administrator of criminal underground forum BreachForums, the new admin who took over announced that he is shutting down the site. User "Baphomet" said he spotted a suspicious server logon early Sunday afternoon.
Europe's cybersecurity agency predicts hackers will take advantage of the growing overlap between information and operational technologies in the transport sector and disrupt OT processes in a targeted attack. Ransomware will become a tool wielded for political and financial motivations, says ENISA.
Bitcoin ATM manufacturer General Bytes suspended its cloud services supporting more than 15,000 machines after a hacker exploited a vulnerability in its software to steal user passwords and private keys and made off with cryptocurrency worth millions of dollars.
Russia's invasion of Ukraine in 2022 threw Russia's cybercrime ecosystem into a state of upheaval that still exists to this day. "We identified disruptions to literally every single form of commodified cybercrime," said Alexander Leslie, associate threat intelligence analyst at Recorded Future.
Criminal hackers are targeting South Koreans with an Android Trojan that dupes victims into handing over payment card data by faking phone conversations with lenders. Developers are using "several unique evasions that we had not previously seen in the wild," Check Point researchers write.
Last year was another bonanza in zero-days for Chinese state hackers, say security researchers in a report predicting a permanent uptick in nation-state exploitation of yet-unpatched vulnerabilities. "Attackers seek stealth and ease of exploitation," writes cybersecurity firm Mandiant.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.