Do criminal organizations prefer to target organizations that hold cyber insurance policies? A ProPublica report suggests that because cyber insurance policyholders are more likely to pay ransoms, they're a more frequent target. But some cybersecurity experts have expressed skepticism.
A newly discovered vulnerability in Visa's contactless payment cards could allow fraudsters to bypass payment limits of 30 British pounds ($37) at U.K. banks, according to researchers at Positive Technologies, who claim the vulnerability could be exploited in other countries as well.
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.
A powerful parliamentary committee has called on Britain's new prime minister - be it Boris Johnson or Jeremy Hunt - to make a decision "as a matter of priority" about the extent to which telecommunications gear built by Huawei should be used in the nation's 5G network.
George Orwell's "1984" posited a world in which Big Brother monitored us constantly via "telescreens." But thanks to our "smart" AI home assistants - from Google, Amazon and others - we're increasingly installing the monitoring equipment ourselves, and it may "hear" much more than we realize.
Hackers appear to have accessed a new mobile payment app for 7-Eleven customers in Japan, taking about $500,000 from 900 customers over several days. Poor passwords and authentication designs by the company are likely to blame, according to media reports.
The debate over whether the U.S. government should have the right to force weak crypto on Americans has returned. Here's what hasn't changed since the last time: mathematics and the choice between strong crypto protecting us or weak encryption - aka backdoors - imperiling us all.
The annual Infosecurity Europe conference this year returned to London. Here are visual highlights from the event, which featured over 240 sessions and more than 400 exhibitors, 19,500 attendees and keynotes covering data breaches, darknets, new regulations and more.
Online invitation site Evite has been hacked and information on an unspecified number of users stolen. In a data minimization fail, the breach apparently dates from earlier this year, but it's been tied to "an inactive data storage file associated with Evite user accounts" from before 2014.
Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details. In a recent twist, Malwarebytes spotted a malicious iFrame that steps in front of the normal payment process to intercept card details.
In the latest incident, an attack targeted about 200 online campus stores in the U.S. and Canada, Trend Micro reports. But this attack apparently was waged by a new group.
Russian national Anton Bogdanov has been charged with stealing more than $1.5 million from the Internal Revenue Service via a tax return fraud scheme. He was arrested last November while on vacation in Thailand, at U.S. request, and subsequently extradited.
The advent of faster payments has helped accelerate authorized push payment fraud schemes in which victims are defrauded under false pretenses. Banking regulators are responding to the trend, and Rob Tharle of NICE Actimize offers advice for multilayered defense.
FIN6, a cybercrime group that has focused on attacking point-of-sale devices to steal credit card numbers, now also is waging ransomware attacks that target businesses with either LockerGoga or Ryuk, according to a new analysis from security firm FireEye.