Security News

Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT. The BlackBerry...

A Baltimore man faces a potential maximum 20-year prison sentence after being charged for his alleged role in running an online service that sold personal data which was later used for financial fraud. The filing claims customers would approach Charleron with a name and home address, plus a payment in the region of $25 sent either via cryptocurrency or other digital means, and in return they would receive the PII necessary to take out credit cards in a victim's name.

The result is that digital nomads come across systems for identity verification more often than most people do. Identity verification of digital nomads can be a tricky task for many businesses as their established processes are not designed for such a large variety of foreign IDs, and thus require revamping.

The U.S. Department of Justice (DoJ) said it charged 19 individuals worldwide in connection with the now-defunct xDedic Marketplace, which is estimated to have facilitated more than $68 million in...

Cybercriminals turn to ready-made bots for quick attacks. Bots and human fraud farms were responsible for billions of attacks in the H1 of 2023 and into Q3, according to Arkose Labs.

Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and...

Operating as an Organized Retail Crime gang across online forums and social media, this fraud service provider provides illicit refunds for individuals in exchange for a fee. REKK then requested a refund, manipulating Amazon's support representatives through social engineering tactics, unauthorized access to Amazon systems, and bribing insiders to secure a refund without returning the purchased product.

Rew Mahn, 28, of Derry, New Hampshire, pleaded guilty in federal court on Tuesday to both passport fraud and wire fraud, the latter relating to that cyber-intrusion. Mahn was indicted [PDF] by a grand jury for passport fraud in February, after being charged in 2021 with breaking into Motorola's computer network and stealing data.

The scammers impersonate accounts on X belonging to blockchain analytics or crypto fraud investigation firms and researchers, like CertiK, ZachXBT, and Scam Sniffer, to promote fabricated security breaches on Uniswap and Opensea. To impersonate the legitimate accounts, the threat actors created new X accounts with similar account names.

The Securities and Exchange Commission brought charges against both Austin, TX-based information security software company SolarWinds and its CISO Timothy G. Brown on October 30. The SEC alleges that between SolarWinds' October 2018 initial public offering and the December 2020 announcement of the large-scale cyberattack, SolarWinds and Brown specifically " defrauded investors by overstating SolarWinds' cybersecurity practices and understating or failing to disclose known risks.