Security News

Open redirect on UK council website was being used for Royal Mail-themed parcel payments scam
2021-09-13 15:15

An open redirect on a UK council-backed property website allowed low-level miscreants to evade filters. The website operated by tech services biz Civica had an open redirect being actively abused by spammers, piggybacking off the website's domain authority so their messages weren't flagged up by scanning tools.

ACI Worldwide partners with PayPal to bring digital wallet payment options to its biller clients
2021-08-17 00:00

ACI Worldwide announced a collaboration with PayPal to bring digital wallet payment options to ACI's biller clients like Monroe County Water Authority. PayPal and Venmo will be integrated with ACI Speedpay, giving consumers more options to make bill payments conveniently and securely using the digital methods that suit them best.

Ransomware Payments Explode Amid ‘Quadruple Extortion’
2021-08-12 16:06

Two reports slap hard figures on what's already crystal clear: Ransomware attacks have skyrocketed, and ransomware payments are the comet trails that have followed them skyward. As far as the sheer multitude of attacks goes, Barracuda researchers on Thursday reported that they've identified and analyzed 121 ransomware incidents so far in 2021, a 64 percent increase in attacks, year-over-year.

Ransomware demands and payments reach new highs
2021-08-09 17:50

SEE: Ransomware attack: Why a small business paid the $150,000 ransom. Though ransomware gangs may not necessarily employ all four tactics in one attack, they will certainly turn to more than one, such as encryption and the release of data or encryption and denial of service attacks.

ACI Worldwide expands alliance with Microsoft to deliver payments solutions in the cloud
2021-08-07 23:30

ACI Worldwide announced an expanded multi-year strategic alliance with Microsoft to deliver payments solutions in the cloud. The alliance will accelerate and expand ACI's cloud payments offerings in Microsoft Azure as more financial institutions embrace digital transformation.

No More Ransom saves almost €1 billion in ransomware payments in 5 years
2021-07-26 13:24

The No More Ransom project celebrates its fifth anniversary today after helping over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments. "The decryptors available in the No More Ransom repository have helped more than six million people to recover their files for free," the Europol said.

Thales launches payment card with onboard fingerprint scanner
2021-07-22 08:30

Thales has announced what it claims is the "World's first" payment card to include an onboard fingerprint sensor, promising improved security and usability - and an end to contactless payment limits. The Thales Gemalto Biometric Sensor Payment card, the company explained, replaces the traditional PIN with an on-card fingerprint sensor and requires no modifications to existing point-of-sale payment terminals.

Thales’s biometric payment card provides users with increased security and convenience
2021-07-21 02:15

This new card, which integrates a biometric sensor, provides users with increased security and convenience. The contactless biometric card simplifies proximity payments and also provides an essential level of privacy and confidence.

Seizing Cryptocurrency: How is Law Enforcement Tracing and Recovering Bitcoin Payments?
2021-07-12 12:01

Taken at face value, these events could be taken to imply that law enforcement has found some way to crack the encryption of bitcoin wallets. Tracing bitcoin wallets is difficult but not beyond the resources of law enforcement.

Where do all those cybercrime payments go?
2021-07-09 18:57

Presumably conscious of the preceding Colonial Pipeline attack in which a $4.4 million blackmail payoff resulted in a decryptor that, though functional in theory, was worthless in practice because it ran far too slowly, the REvil crew even blithely claimed that their so-called universal decryptor would allow everyone to "Recover from attack [sic] in less than an hour". Account privileges that attackers typically go after include the local SYSTEM account or even Domain Administrator, which puts the attackers on an equal footing with your own sysadmins.