European criminals combined cannibalized EMV chips from stolen cards with miniature microprocessors to build fake payment cards that defeated POS security checks, enabling them to steal as much as $680,000, French researchers say.
Attributing cybercrime to specific criminals is becoming increasingly critical, says Eward Driehuis of threat intelligence firm Fox-IT. Using the elusive Dridex campaign as an example, Driehuis explains in this video interview how many malware attacks are interconnected.
Apple has removed hundreds of apps from its App Store for violating its user-tracking guidelines. Chinese mobile advertising firm Youmi has issued "sincere apologies" for the tracking behavior and promised to compensate affected developers.
ATM fraud losses are increasing globally, and we can expect to see this trend continue as the U.S. ramps up its migration to EMV at the point of sale. Unattended terminals are easy to compromise, and they will always be among fraudsters' favorite targets.
Unprecedented levels of collaboration among targeted financial services firms enabled the international law enforcement operation that disrupted the Dridex botnet, security firm Fox-IT says. Now, can that model be repeated going forward?
An international law enforcement operation - spearheaded by the U.S. FBI and U.K. National Crime Agency - has disrupted the notorious Dridex banking malware and phishing campaign, which has been tied to at least $40 million in losses worldwide.
Dell's announcement that it plans to purchase storage maker EMC for a mind-boggling $67 billion does not make clear the fate of EMC's information security unit, RSA. Analysts believe Dell has not yet determined whether RSA fits into its long-term plans or should be sold or spun off.
Security researchers have demonstrated in a lab setting an information-stealing attack against Amazon Web Services users. But Amazon says its customers "using current software and following security best practices are not impacted by this situation."
Security on the endpoint took a long time to move away from mere patching, hardening and anti-virus technologies. To fight advanced threats, experts say visibility on endpoints is being transformed by the advent of endpoint detection and response tools.
A Russian cybercriminal who used the Citadel banking Trojan to infect at least 7,000 PCs has received a 4.5 year jail sentence. Authorities tracked him in part thanks to his posts to a Citadel user group.
The hotel chain bearing 2016 U.S. presidential candidate Donald Trump's name has confirmed that its point-of-sale systems were malware-infected for more than a year, but it's downplaying the possibility that card data was exfiltrated or used to commit fraud.
Security experts warn about a trio of new threats: GreenDispenser cash-out malware, the Shifu banking Trojan being spread via malvertising attacks and Neutrino crimeware getting an upgrade to steal payment-card data.
The severity of the U.S. Office of Personnel Management breach continues to grow, with investigators now reporting that hackers stolen 5.6 million people's fingerprint data. The theft may have security implications well into the future.