The notorious Joker's Stash carder marketplace has recently listed for sale 460,000 records, including four "Turkey-Mix" batches that feature never-before-seen payment card data that traces to Turkey's 10 largest banks, says cybersecurity firm Group-IB.
One of the largest fines to date for violating the EU's General Data Protection Regulation has been announced by Germany's federal privacy and data protection watchdog, the BfDI, against 1 & 1 Telecommunications, in part for inadequate authentication mechanisms. The company plans to appeal.
Two Russian men have been charged with stealing more than $100 million from banks around the world using the notorious Dridex malware, according to an unsealed U.S. indictment that caps off a decade-long investigation led by American and British law enforcement agencies.
Victims of a massive 2018 Facebook data breach can continue a class-action lawsuit to try and force the social network to maintain "reasonable" information security practices, a federal judge has ruled. But he dismissed the plaintiff's attempt to receive monetary compensation for the breach.
Adobe says its e-commerce Magento Marketplace has been breached, exposing usernames, email addresses and more. The software giant has yet to detail how many users were affected or the breach duration. Unfortunately, the stolen data could be used to fuel phishing attacks.
Twitter users no longer have to supply a phone number in order to use two-step verification for authentication. The move will better protect accounts from SIM hijacking attempts and also means users don't have to sacrifice some of their privacy to enable a security feature.
Stanislov Lisov, a Russian hacker who helped create the NeverQuest banking Trojan, has been sentenced to four years in federal prison after pleading guilty to one charge.
The 2019 iovation Financial Services Fraud and Consumer Trust Report provides an in-depth analysis of the trends transforming the Financial Services industry in 2019 and explores how businesses can stay relevant and profitable in 2020.
In this report, we address three market drivers in financial...
Only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But even when they are enabled and your domain is more secure, 81% of phishing attacks still continue to sail right through to the end-user.
In this webinar, Roger Grimes,...
Using the largest repository of breached credentials in the world, SpyCloud has analyzed breach data tied to Fortune 1000 employees to understand what information is out there and how it can be used to commit fraud. In this video, SpyCloud Head of Product Strategy Chip Witt will walk through SpyCloud's analysis of...
The enterprise has embraced the public cloud. But tension and misalignment between CloudOps and business stakeholders impedes your organization from achieving all that it can.
Moreover, customers expect speed, scale and business agility from the cloud. CloudOps require continuous governance of security,
compliance...
A Texas resident has been sentenced to 12 years in federal prison for hacking into the Los Angeles Superior Court computer system and sending out approximately 2 million phishing emails to steal hundreds of credit and payment card numbers.
A Singapore man allegedly ran a large-scale cryptocurrency mining scheme that involved using stolen identities to access Amazon and Google cloud computing resources, according to a 14-count U.S. Justice Department indictment.
123456, password, password1: These are a few of the top passwords used by Fortune 1000 employees whose passwords and personally identifiable information have been exposed in third-party breaches. While the dangers of easy-to-guess passwords are well-known, even employees at top companies are guilty of bad password...
Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.
