Security News

Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what's known as a "Fraud-as-a-Service" operation. Believed to be active since at least 2020, the cybercriminal syndicate has been codenamed "Fraud Family" by cybersecurity firm Group-IB. The frameworks come with phishing kits, tools designed to steal information, and web panels, which allow the fraudsters to interact with the actual phishing site in real time and retrieve the stolen user data.

Authorities in the Netherlands have arrested a 24-year-old believed to be a developer of phishing frameworks for a cybercrime ring named "Fraud Family." According to the Dutch National Police, the man worked together with a 15-year-old accomplice to develop and sell phishing panels that allowed cybercriminals to steal banking credentials from unsuspecting users.

Thales announces a new voice biometric solution which is part of Thales Trusted Digital Identity Service Platform for onboarding and authentication. It meets the growing demand from mobile operator call centres to fight identity fraud whilst providing a seamless customer experience.

ACI Worldwide announced that its partnership with Swedbank has contributed to a 55 percent decrease in card fraud, helping to improve customer experience and business growth for the Swedish bank. The bank partnered with ACI to enhance its fraud platform with the help of ACI Fraud Management and has transitioned from a rules-based to a holistic fraud management approach - which now applies insights from machine learning and shared data in addition to rules - to exempt low-risk transactions from the SCA requirements.

City of London Police is looking to crack down on cybercrime with the purchase of "Next-generation IT services" in the hopes it will beef up the systems supporting Action Fraud and the National Fraud Intelligence Bureau. Action Fraud - founded in 2006 - is the UK's national reporting centre for fraud and cybercrime.

PoC for critical Windows Print Spooler flaw leakedMicrosoft has confirmed that the so-called PrintNightmare vulnerability is not the same flaw as the previously patched CVE-2021-1675, and that the leaked PoC exploits can be used to exploit this RCE zero-day. Cisco security devices targeted with CVE-2020-3580 PoC exploitAttackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software.

Facebook on Tuesday revealed it filed two separate legal actions against perpetrators who abused its ad platform to run deceptive advertisements in violation of the company's Terms and Advertising Policies. "In the second case, the defendants are a group of individuals located in Vietnam who got users to self-compromise their Facebook accounts and ran millions of dollars of unauthorized ads."

Mitek introduced Check Fraud Defender, an artificial intelligence-powered, cloud-hosted consortium for financial institutions to counteract check fraud. An important addition to a financial institution's fraud-fighting protocols, Check Fraud Defender helps protect against the growing sophistication of check fraud attacks.

"No single organization can stop synthetic identity fraud on its own," reports The Federal Reserve. As within each of these examples, the same concept applies in fighting identity fraud, which we cannot defeat entity by entity, individual by individual-but as a unified, global consortium working to detect fraud.

Ping Identity has acquired SecuredTouch, a provider of fraud and bot detection and mitigation. As SecuredTouch is integrated with the broader PingOne Cloud Platform, enterprise customers will have access to advanced signals, data, and intelligence to gain a greater understanding of fraudster behavior, and step up authentication when needed to stop malicious activity and reduce fraud loss.