Cryptocurrency-mining hackers appear to be behind a recent spate of supercomputer and high-performance computing system intrusions. But it's unclear if attackers might also have had data-stealing or espionage intentions.
Cybercriminals are hiding malicious JavaScript skimmers in the "favicon" icons of several ecommerce websites in an effort to steal payment card data from customers, researchers at Malwarebytes say.
Singapore's open banking effort has expanded the attack surface, and the only effective defense is to enhance threat intelligence sharing among banks, retailers and third parties, says Tom Wills, a Singapore-based cybersecurity practitioner who is a consultant for financial institutions.
The FBI warns that the notorious FIN7 cybercrime gang has a new trick up its sleeve: Mailing victims a $50 gift card portrayed as good for redeeming items listed on an accompanying USB storage device, which in reality downloads Griffon backdoor software to give attackers remote access.
A long-running marketplace for selling stolen payment card data claims it has 30 million stolen payment cards that experts believe are linked to the breach at Wawa convenience stores late last year. The breach is one of the largest ever involving card-related data.
Bad news on the ransomware front: Victims that choose to pay attackers' ransom demands - in return for the promise of a decryption tool - last quarter paid an average of $84,116, according to Coveware. But gangs wielding Ryuk and Sodinokibi - aka REvil - often demanded much more.
A cyberattack targeting one of the largest banks in the U.S. that stops the processing of payments likely would have a major ripple effect throughout the financial system, according to a new report from the Federal Reserve Bank of New York.
A security researcher has uncovered credit card skimming attacks targeting websites that use a cloud-based payment platform from Volusion. Among the victims: The Sesame Street Live online store.
Banking Trojans and cryptocurrency mining malware continue to be among the most-seen types of malicious code used for nontargeted attacks. But cybercrime attackers are increasingly running targeted campaigns, security researchers warn.
In a series of recent attacks attributed to the umbrella criminal group known as Magecart, malicious JavaScript code was injected into over 80 e-commerce websites to steal credit card and other customer data, according to a new report from the security firm Arxan, which highlights the sites' vulnerabilities.
The Reserve Bank of India intends to do away with the one-time password authentication process for online transactions. In a step in that direction, for the first time, it's allowing widespread tokenization of debit, credit and prepaid card transactions to enhance the safety of digital payments.
Cybercrime gangs continue to update or issue fresh versions of malware to mine for cryptocurrency, deliver crypto-locking ransomware, steal passwords and facilitate online bank account heists, according to new research reports.
What security steps does India need to take as it continues its shift to digital payments? Nitin Bhatnagar, the new associate director for India for the PCI Security Standards Council, offers insights.
In the wake of the $81 million SWIFT transaction cyberheist from the Bank of Bangladesh - the first in a cascade of SWIFT-related heists - regulators and bankers throughout the world have stopped, taken a step back, and reviewed how interbank transactions and payments are managed and operated. The SWIFT attacks have...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.