Security News

ACI Worldwide announced a collaboration with PayPal to bring digital wallet payment options to ACI's biller clients like Monroe County Water Authority. PayPal and Venmo will be integrated with ACI Speedpay, giving consumers more options to make bill payments conveniently and securely using the digital methods that suit them best.

Two reports slap hard figures on what's already crystal clear: Ransomware attacks have skyrocketed, and ransomware payments are the comet trails that have followed them skyward. As far as the sheer multitude of attacks goes, Barracuda researchers on Thursday reported that they've identified and analyzed 121 ransomware incidents so far in 2021, a 64 percent increase in attacks, year-over-year.

SEE: Ransomware attack: Why a small business paid the $150,000 ransom. Though ransomware gangs may not necessarily employ all four tactics in one attack, they will certainly turn to more than one, such as encryption and the release of data or encryption and denial of service attacks.

ACI Worldwide announced an expanded multi-year strategic alliance with Microsoft to deliver payments solutions in the cloud. The alliance will accelerate and expand ACI's cloud payments offerings in Microsoft Azure as more financial institutions embrace digital transformation.

The No More Ransom project celebrates its fifth anniversary today after helping over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments. "The decryptors available in the No More Ransom repository have helped more than six million people to recover their files for free," the Europol said.

Thales has announced what it claims is the "World's first" payment card to include an onboard fingerprint sensor, promising improved security and usability - and an end to contactless payment limits. The Thales Gemalto Biometric Sensor Payment card, the company explained, replaces the traditional PIN with an on-card fingerprint sensor and requires no modifications to existing point-of-sale payment terminals.

This new card, which integrates a biometric sensor, provides users with increased security and convenience. The contactless biometric card simplifies proximity payments and also provides an essential level of privacy and confidence.

Taken at face value, these events could be taken to imply that law enforcement has found some way to crack the encryption of bitcoin wallets. Tracing bitcoin wallets is difficult but not beyond the resources of law enforcement.

Presumably conscious of the preceding Colonial Pipeline attack in which a $4.4 million blackmail payoff resulted in a decryptor that, though functional in theory, was worthless in practice because it ran far too slowly, the REvil crew even blithely claimed that their so-called universal decryptor would allow everyone to "Recover from attack [sic] in less than an hour". Account privileges that attackers typically go after include the local SYSTEM account or even Domain Administrator, which puts the attackers on an equal footing with your own sysadmins.

Cyber insurance isn't exactly driving organisations to improve their infosec practices, a think-tank has warned - and some insurers are thinking of giving up thanks to the impact of ransomware. "To date, the shortcomings of cyber insurance mean that its impact is ultimately more limited than policymakers and businesses might hope," concluded the Royal United Services Institute's latest report, Cyber Insurance and the Cyber Security Challenge.