Security News

Maastricht University wound up earning money from its ransom payment
2022-07-10 14:03

Maastricht University, a Dutch university with more than 22,000 students, said last week that it had recovered the ransom paid after a ransomware attack that hit its network in December 2019. One week later, on December 30, the university decided to pay the ransom to have its files decrypted after deciding that rebuilding all infected systems from scratch or creating a decryptor were not viable options.

Massive Rogers outage disrupts mobile service, payments in Canada
2022-07-08 15:33

A massive Rogers outage is causing widespread disruption in Canada due to lack of mobile service, inability to process payment card transactions, and impacting 911 emergency services. According to DownDetector, the outage started at around 5 AM EST, with customers suddenly unable to make phone calls or connect to the Internet.

Dutch University retrieves Bitcoin ransomware payment and makes a profit
2022-07-05 07:46

The Netherlands' Maastricht University has managed to recoup the Bitcoin ransom it paid to ransomware scum in 2019 - and has made a tidy profit on the deal. The University explained that in 2019 it suffered a ransomware attack that prevented staff and students from accessing research data, email, or library resources.

LockBit ransomware gang promises bounty payment for personal data
2022-06-30 15:31

LockBit ransomware gang promises bounty payment for personal data. In a new twist on the ransomware game, the LockBit cybercrime group has launched a bug bounty program promising money to people willing to share sensitive data that can be exploited in ransomware attacks.

This new malware diverts cryptocurrency payments to attacker-controlled wallets
2022-06-24 13:40

A clipper malware is a piece of software that once running on a computer will constantly check the content of the user's clipboard and look for cryptocurrency wallets. This way, if an unsuspecting user uses any interface to send a cryptocurrency payment to a wallet, which is generally done by copying and pasting a legitimate destination wallet, it gets replaced by the fraudulent one.

Clipminer malware gang stole $1.7M by hijacking crypto payments
2022-06-02 12:08

Threat analysts have discovered a large operation of a new cryptocurrency mining malware called Clipminer that brought its operators at least $1.7 million from transaction hijacking. According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware.

Popularity of online payment goes hand-in-hand with fraud
2022-05-18 03:30

Noting that banking fraud continues to rise, the data-driven research study found a 41% increase in attempted fraud over a similar evaluation conducted the year before by its data scientists. Data scientists and fraud subject matter experts compiled anonymized data secured from a subset of its total monitored transactions, including both online and offline payments channels that covered ACH, wires, checks, card purchases, and P2P transactions.

Protecting payments in an era of deepfakes and advanced AI
2022-05-11 12:01

Two stunning deepfakes that have been broadly covered include a deepfake of Tom Cruise, birthed into the world by Chris Ume and Miles Fisher, and deepfake young Luke Skywalker, created by Shamook and Graham Hamilton, in a recent episode of "The Book of Boba Fett.". Without a similar bone structure and the subject's trademark movements and turns of phrase, even today's most advanced AI would be hard-pressed to make the deepfake perform credibly.

Ransom payment is roughly 15% of the total cost of ransomware attacks
2022-04-28 10:00

Researchers analyzing the collateral consequences of a ransomware attack include costs that are roughly seven times higher than the ransom demanded by the threat actors. Ransomware attacks typically involve stealing data from the company and encrypting systems to pressure the victim into paying to decrypt files and to avoid a data leak.

PCI DSS 4.0: Meeting the evolving security needs of the payments industry
2022-04-22 04:00

At the end of March 2022, the PCI Council released the PCI DSS 4.0. The current version of PCI DSS will still be available until Q1 2024, at which point 4.0 goes into full effect, with the exception where the Council has turned the evolving controls.