Bitcoin 'Mixer' Fined $60 Million

Akshaya Asokan • October 20, 2020

The Treasury Department has fined the owner of two bitcoin "mixing" sites $60 million for violating anti-money laundering laws. It's the first time the department's Financial Crimes Enforcement Network has issued a civil monetary penalty against the operator of a cryptocurrency site.

►

Fraud Management & Cybercrime

Visa Alert: POS Malware Attacks Persist

Latest

Anti-Money Laundering (AML)

The IRS Takes on Cryptocurrency-Funded Terrorists

Nick Holland • October 22, 2020

The IRS Criminal Investigation Cyber Crimes Unit is waging a battle against the use of cryptocurrency for financing terrorists and other money-laundering activities. Agents Chris Janczewski and Jon Gebhart describe recent cryptocurrency-related takedowns.

Fraud Management & Cybercrime

Phishing Emails Target Coinbase Exchange Users

Chinmay Rautmare • October 21, 2020

Fraudsters are sending phishing emails with messages about the Coinbase cryptocurrency exchange to Microsoft Office 365 users in an attempt to take over their inboxes and gain access to data, according to the security firm KnowBe4.

Cybercrime

'Active Threat' Warning: Patch Serious SharePoint Flaw Now

Mathew J. Schwartz • October 19, 2020

Security experts are urging organizations to patch a newly revealed serious flaw in Microsoft SharePoint as quickly as possible because proof-of-concept exploit code is already available. The U.K.'s National Cyber Security Center warns that hackers frequently target fresh SharePoint flaws.

Cybercrime as-a-service

Analysis: Ransomware Dominates the Cybercrime Landscape

Anna Delaney • October 16, 2020

The latest edition of the ISMG Security Report analyzes a new report that labels ransomware as the No. 1 cybercrime threat. Also featured: A former FBI agent offers an update on "disruptionware" attacks; how Tesla's autopilot is tricked by phantom images.

Account Takeover Fraud

Cybercrime: 12 Top Tactics and Trends

Mathew J. Schwartz • October 13, 2020

Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.

Application Security

Hackers Chaining 'Zerologon,' Other Vulnerabilities

Akshaya Asokan • October 10, 2020

CISA is warning that sophisticated hacking groups are chaining together vulnerabilities, such as the recent Zerologon bug and other flaws, to target state and local government networks. In some cases, attackers gained access to election support systems.

Card Not Present Fraud

Video Conference Firm Targeted for Payment Card Skimming

Doug Olenick • October 9, 2020

While most payment card skimming attacks zero in on ecommerce sites for consumers, a newly discovered attack targeted PlayBack Now, an online video conferencing firm, Malwarebytes reports.

COVID-19

Cybersecurity Leadership: Marketing in the Maelstrom

Tom Field • October 9, 2020

Steve Jobs once said: "Marketing is about values." But how well is the cybersecurity solutions message being received amid the convergence of pandemic and economic strains? We brought an outspoken group of CMOs and CISOs together to discuss the topic.

Fraud Management & Cybercrime

Egregor Ransomware Adds to Data Leak Trend

Akshaya Asokan • October 3, 2020

Security researchers at Appgate are warning about a recently uncovered ransomware variant called Egregor that appears to have infected about a dozen organizations worldwide over the past several months. The gang behind this crypto-locking malware is threatening to release data if victims don't pay.

CISO Trainings

Profiles in Leadership: Nancy Hunter, CISO, Philadelphia Fed

Tom Field • October 1, 2020

As CISO of the Federal Reserve Bank of Philadelphia, Nancy Hunter has a defined role and priorities. But she also has a refined sense of responsibility for collaboration, mentoring and creating new career opportunities for women.

Fraud Management & Cybercrime

Millions Stolen in BEC Scam Campaign

Akshaya Asokan • October 1, 2020

A recently uncovered business email compromise scam that's targeting executives' Microsoft Office 365 accounts has hit over 150 organizations worldwide so far and netted the scammers about $15 million, according to incident response firm Mitiga.

Blockchain & Cryptocurrency

New Platform Designed for Secure Payment Data Exchange

Nick Holland • September 30, 2020

In October, Nacha will launch the Payment Information Exchange Platform, or Phixius, a secure network of linked credentialed service providers designed to improve data exchange for payments to help fight fraud. George Throckmorton of Nacha explains how it works.