A cybercrime ring that employed the Angler Exploit Kit to earn an estimated $34 million per year - from ransomware infections alone - has been disrupted by security researchers at Cisco's Talos security intelligence and research group.
Security experts warn about a trio of new threats: GreenDispenser cash-out malware, the Shifu banking Trojan being spread via malvertising attacks and Neutrino crimeware getting an upgrade to steal payment-card data.
Match.com suspended all advertising on its U.K. site after discovering that one of its third-party advertising provider's networks had been infiltrated by a malware-serving campaign. The incident follows U.K. dating site Plenty of Fish recently falling victim to a similar campaign.
What do successful but separate malware attacks against banking customers around the world, as well as the White House and health insurer Anthem, all have in common? Researchers say the answer is shockingly simple.
In a security landscape where the frenetic pace of technology has changed paradigms in ways organizations are struggling to cope with, Blue Coat's Hugh Thompson advises adopting a 'Degrees of Freedom' approach.
The takedown of Gameover Zeus taught law enforcement and banks many lessons, including that Trojans are being used to steal corporate secrets, not just money, says Eward Driehuis of Fox-IT, which investigated the threat actors behind the Trojan.
The prices for stolen payment card data and other cybercrime products and services on Russian underground forums continue to fall. But the cybercrime ecosystem is more automated, effective and robust than ever, Trend Micro reports.
The U.S. Department of Justice has charged three men in a fraud scheme reportedly tied to hacks of JPMorgan Chase. Separately, two men are charged with running an unlicensed online bitcoin exchange used by Russian criminals.
Malware kingpin Vladimir Tsastsin has pleaded guilty to charges relating to a $14 million click fraud scheme that the FBI dubbed Operation Ghost Click. The scheme, which also involved money laundering, affected 4 million victims in 100 countries.
Warning: All versions of Flash Player are vulnerable to a zero-day, weaponized exploit that became public when Italian spyware vendor Hacking Team was hacked, and 400 GB of corporate data leaked. Adobe has released an update to patch the flaw.
Symantec has issued new warnings about a malware strain known as Poweliks, noting that this Trojan is being used in conjunction with ransomware. But security experts disagree over the severity of the threat.
This year's Infosecurity Europe conference in London is offering a top-notch range of sessions, ranging from how to battle cybercrime and social engineering to building a better security culture and workforce. Here's my list of must-see sessions.
Britain's computer emergency response team - CERT-UK - reports that malware remains the dominant mode of online attack for cybercriminals, and Zeus their most preferred tool of choice. But the team is promoting a free information-alert service to help.
Visa has agreed to increase the reimbursement paid to banking institutions that must reissue cards in the wake of a merchant breach. Now the smaller card issuers, such as community banks, are getting paid the most.