Security News

The US Treasury on Tuesday sanctioned virtual cryptocurrency exchange Suex OTC for handling financial transactions for ransomware operators, an intervention that's part of a broad US government effort to disrupt online extortion and related cyber-crime. According to the US Treasury, more than 40 per cent of the firm's known transaction history involves illicit entities, and that it handled payments from at least eight ransomware variants.

App developers have once again been accused of having butterfingers when it comes to API keys, leaving millions of mobile app users at risk of exposing their personal and payment data. "But like so much of cybersecurity, it's a could-a, should-a situation:"CloudSEK has observed that a wide range of companies - both large and small - that cater to millions of users have mobile apps with API keys that are hardcoded in the app packages," according to CloudSEK researchers Arshit Jain and Sai Ahladini Tripathy.

An open redirect on a UK council-backed property website allowed low-level miscreants to evade filters. The website operated by tech services biz Civica had an open redirect being actively abused by spammers, piggybacking off the website's domain authority so their messages weren't flagged up by scanning tools.

ACI Worldwide announced a collaboration with PayPal to bring digital wallet payment options to ACI's biller clients like Monroe County Water Authority. PayPal and Venmo will be integrated with ACI Speedpay, giving consumers more options to make bill payments conveniently and securely using the digital methods that suit them best.

Two reports slap hard figures on what's already crystal clear: Ransomware attacks have skyrocketed, and ransomware payments are the comet trails that have followed them skyward. As far as the sheer multitude of attacks goes, Barracuda researchers on Thursday reported that they've identified and analyzed 121 ransomware incidents so far in 2021, a 64 percent increase in attacks, year-over-year.

SEE: Ransomware attack: Why a small business paid the $150,000 ransom. Though ransomware gangs may not necessarily employ all four tactics in one attack, they will certainly turn to more than one, such as encryption and the release of data or encryption and denial of service attacks.

ACI Worldwide announced an expanded multi-year strategic alliance with Microsoft to deliver payments solutions in the cloud. The alliance will accelerate and expand ACI's cloud payments offerings in Microsoft Azure as more financial institutions embrace digital transformation.

The No More Ransom project celebrates its fifth anniversary today after helping over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments. "The decryptors available in the No More Ransom repository have helped more than six million people to recover their files for free," the Europol said.

Thales has announced what it claims is the "World's first" payment card to include an onboard fingerprint sensor, promising improved security and usability - and an end to contactless payment limits. The Thales Gemalto Biometric Sensor Payment card, the company explained, replaces the traditional PIN with an on-card fingerprint sensor and requires no modifications to existing point-of-sale payment terminals.

This new card, which integrates a biometric sensor, provides users with increased security and convenience. The contactless biometric card simplifies proximity payments and also provides an essential level of privacy and confidence.