Security News
Venafi announced the findings of a global survey of IT decision-makers looking into the use of double and triple extortion as part of ransomware attacks. The data reveals that 83% of successful ransomware attacks now include alternative extortion methods, such as using the stolen data to extort customers, exposing data on the dark web, and informing customers that their data has been stolen.
The global digital payment market size is projected to grow from $89.1 billion in 2021 to $180.4 billion by 2026, at a CAGR of 15.2% during the forecast period, according to ResearchAndMarkets. Major growth factors for the market include worldwide initiatives for the promotion of digital payments, high proliferation of smartphones enabling mCommerce growth, increase in eCommerce sales, and growth in internet penetration.
80% of critical infrastructure organizations experienced a ransomware attack in the last year, with an equal number reporting that their security budgets have risen since 2020, a Claroty report reveals. The report is based on an independent global survey of 1,100 information technology and operational technology professionals who work in critical infrastructure sectors, exploring how they have dealt with the significant challenges in 2021, their levels of resiliency, and priorities moving forward.
The survey reinforces the need for healthcare organizations to integrate digital technology and solutions into all areas of the business ecosystem, including secure payment technology to provide peace of mind and ensure patients enjoy secure and seamless payment experiences. Between large hospital networks, private practices, specialists, and urgent care, the survey found that 44% of respondents felt that private practices handled payment and personally identifiable information most securely, and large hospital networks were rated by even fewer at 33%. With a 25% increase in healthcare data breaches year over year and reports of hospitals accounting for 30% of all large data breaches, patients have a heightened sense of awareness and interest in the processes their providers take to protect their information.
The British arm of Dutch supermarket chain Spar has shut hundreds of shops after suffering an "Online attack," the company has confirmed to The Register. "This has not affected all SPAR stores across the North of England," a Spar spokesman told us, "But a number have been impacted over the past 24 hours and we are working to resolve this situation as quickly as possible."
The US Federal Bureau of Investigation says 49 organisations, including some in government, were hit by Cuba ransomware as of early November this year. The ransomware gang's loader of choice, Hancitor, was the culprit, distributed via phishing emails, or via exploit of Microsoft Exchange vulnerabilities, compromised credentials, or Remote Desktop Protocol tools.
The US Attorney's Office of Arizona on Wednesday announced the indictment of two men on charges that they defrauded musicians and associated companies by claiming more than $20m in royalty payments for songs played on YouTube. "In short, Batista and Teran, as individuals and through various entities that they operate and control, fraudulently claimed to have the legal rights to monetize a music library of more than 50,000 songs," the indictment [PDF] alleges.
E-commerce platforms in the U.S., Germany, and France have come under attack from a new form of malware that targets Nginx servers in an attempt to masquerade its presence and slip past detection by security solutions. "This novel code injects itself into a host Nginx application and is nearly invisible," Sansec Threat Research team said in a new report.
US feds were spotted raiding a warehouse belonging to Chinese payment terminal manufacturer PAX Technology in Jacksonville, Florida, on Tuesday, with speculation abounding that the machines contained preinstalled malware. PAX Technology is headquartered in Shenzhen, China, and is one of the largest electronic payment providers in the world.
Senior officials from more than 30 countries said that their governments would take action to disrupt the illicit cryptocurrency payment channels used by ransomware gangs to finance their operations.The Counter-Ransomware Initiative hopes to drain their funding and take down their operations by disrupting the ransomware groups' funding channels.