Following the theft of $81 million from Bangladesh Bank, is it time for banks to make SWIFT money transfers less automated and better supervised and thus secure? An alleged scam from the days of telex machines and code books offers useful perspective.
Just six months after law enforcement agencies coordinated a takedown to disrupt online banking credential theft linked to the banking Trojan Dridex, the malware has re-emerged with new attack tactics and new targets, researchers say. U.S. bank accounts and businesses are now primary targets.
The Verizon 2016 Data Breach Investigations report finds malware, ransomware and phishing attacks are more common than ever and creating even more damage. Organizations are continuing to get exploited via vulnerabilities that are months or even years old, forensics expert Laurance Dine explains in this interview.
Vladimir Tsastin, an Estonian national, has been sentenced to serve more than seven years in prison and pay a $2.5 million fine after pleading guilty to running a $14 million click-fraud scheme with more than 4 million victims across 100 countries.
In an alert to banks, SWIFT warns that it's seen repeat attempts by hackers to subvert its messaging system, which banks around the world use to move money. It's released a "mandatory" software update to help customers identify signs of attack.
A report that the $81 million Bangladesh Bank heist was linked to customized malware has raised questions about the security of SWIFT transactions. But the more critical issue, fraud experts say, is the need for banks to have proper security controls in place to detect and prevent network intrusions.
The U.S. government is actively disrupting - rather than just monitoring - computer systems, networks and communications technologies used by the jihadi fighters known as ISIS, ISIL or Daesh, according to a news report.
The online heist of $81 million from Bangladesh Bank involved custom malware that hacked the database used by the bank's SWIFT software, allowing attackers to transfer money and hide their tracks, according to BAE Systems Applied Intelligence. SWIFT will issue software updates and security guidance to all customers.
Prosecutors have expanded a complex case, involving an alleged pump-and-dump stock scheme, hacking into U.S. banks and operating an unlicensed bitcoin exchange, to include money-laundering charges related to processing bitcoin ransoms paid by ransomware victims.
A previously unknown cybercrime group has hacked into numerous organizations in the retail and hospitality sectors to steal an estimated 20 million payment cards, collectively worth an estimated $400 million via underground cybercrime forum sales, FireEye reports.
Two of the hacker masterminds behind the notorious SpyEye malware have each received lengthy prison sentences after pleading guilty to related charges in U.S. federal court. But alleged Zeus creator and accomplice Evginy Bogachev remains at large.
Epic Systems' successful lawsuit against India's Tata Consultancy Services raises many security questions. For example, why did Epic find out about the allegedly inappropriate downloading of trade secrets from an external whistleblower, rather than as a result of internal detection efforts?