A Russian national charged in connection with co-creating the Infraud Organization's online cybercrime forum that sold stolen payment card data and was tied to $530 million in fraud losses has pleaded guilty.
Eight U.S. cities recently had payment card data stolen via point-of-sale skimming malware on their Click2Gov online payment platforms, according to Trend Micro, which says five of those cities had already been victims of similar Magecart-style attacks in recent years.
A hacking group dubbed CryptoCore has stolen more than $200 million in virtual currency from several cryptocurrency exchanges over the past two years, the security firm ClearSky Cyber Security reports.
Police have confiscated $90 million from a company allegedly owned by Alexander Vinnik, who is accused of money laundering and defrauding individuals through BTC-e, a cryptocurrency exchange he controlled.
The notorious Qbot banking Trojan is making a comeback with new features and capabilities that enable it to more effectively steal victims' financial data and credentials, according to cybersecurity researchers at F5 Labs.
Vulnerabilities due to "coding errors" in a number of mobile banking applications make them all too susceptible to hacking and customer account data theft, the security firm Positive Technologies warns.
Southeast Asia has become a hotbed for cybercrime activities, says Anthony Bargar, former deputy CISO of the U.S. Department of Defense, who says enterprises in the region need to take a collaborative defense approach to respond to this new threat environment.
Europe is targeting financial and economic crime, including fraud and money laundering, via the new European Financial and Economic Crime Center, hosted by the EU's law enforcement intelligence agency Europol. Officials say the launch of such a center during the COVID-19 pandemic is no accident.
The shift to working from home during the COVID-19 pandemic has led to an increase in mobile phishing campaigns, with attackers targeting remote workers whose devices lack adequate security protections, according to the security firm Lookout. Many of these campaigns are designed to steal users' banking credentials.
Not all data breaches are what they might seem, and not all leakers are who they might claim to be. Take the doxing of the Minneapolis Police Department, supposedly by Anonymous hacktivists: The leaked employee information was almost certainly culled from old breaches. So who did it, and why?
Ransomware-wielding attackers are typically breaking into victims' networks using remote desktop protocol access, phishing emails or malware that's sometimes used in drive-by attacks against browsers, experts warn, advising organizations to make sure they have the right defenses in place.