Security News

‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered
2021-02-02 18:04

ValidCC, a dark web bazaar run by a cybercrime group that for more than six years hacked online merchants and sold stolen payment card data, abruptly closed up shop last week. There are dozens of online shops that sell so-called "Card not present" payment card data stolen from e-commerce stores, but most source the data from other criminals.

US charges NetWalker ransomware affiliate, seizes ransom payments
2021-01-27 20:32

The U.S. Justice Department announced today the disruption of the Netwalker ransomware operation and the indictment of a Canadian national for alleged involvement in the file-encrypting extortion attacks. Earlier today, BleepingComputer reported that law enforcement in the U.S. and Bulgaria seized Netwalker sites on the dark web used for leaking data from non-paying victims and for negotiating payments for data decryption.

Breaking Down Joe Biden’s $10B Cybersecurity ‘Down Payment’
2021-01-25 21:51

President Joe Biden laid out a series of cybersecurity initiatives last week at his inauguration, including earmarking $10 billion for various cybersecurity defense initiatives. While Tom Kellermann, head of cybersecurity strategy for VMware Carbon Black, applauds Biden's plan, he stressed that it should merely be considered a "Down payment" toward a much larger sum needed to invest in digital security.

Ryuk Rakes in $150M in Ransom Payments
2021-01-08 20:19

Joint research released this week from Brian Carter, principal researcher at HYAS, and Vitali Kremez, CEO at Advanced Intelligence, took a the look under the Ryuk hood concerning the business operations of the group. The two were able to trace payments involving 61 Bitcoin deposit addresses attributed to the Ryuk ransomware.

Dark Web Pricing Skyrockets for Microsoft RDP Servers, Payment-Card Data
2020-12-21 17:07

"As a result of COVID-19 and associated global trends, demand for malicious and illicit goods, services and data have reached new peak highs across dark web marketplaces," said researchers in a Friday analysis. Upon a deep-dive investigation into the underground marketplace, researchers found that the pricing for stolen payment cards has soared in 2020; jumping from $14.64 in 2019 to $20.16 in 2020.

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company
2020-12-10 17:45

Payment card processing giant TSYS suffered a ransomware attack earlier this month. TSYS provides payment processing services, merchant services and other payment solutions, including prepaid debit cards and payroll cards.

Payment Card Skimmer Group Using Raccoon Info-Stealer to Siphon Off Data
2020-12-07 04:48

A cybercrime group known for targeting e-commerce websites unleashed a "Multi-stage malicious campaign" earlier this year designed with an intent to distribute information stealers and JavaScript-based payment skimmers. The ultimate goal of the attack, the researchers noted, was to steal payment and user data via several attack vectors and tools to deliver the malware.

Entersekt partners with Cellulant to guard against digital banking and payment fraud
2020-11-25 00:30

The partnership will further enhance Cellulant's cybersecurity by proactively securing its digital banking channels and guarding against digital banking and payment fraud. Entersekt is working with the Cellulant team to integrate its mobile software development kit with Cellulant's product stack, making Entersekt's authentication and app security solutions available to Cellulant's clients.

PCI Pal and Oracle collaborate to add security and compliance options for CNP payments
2020-11-20 00:15

PCI Pal announced a new collaboration with Oracle to offer its contact center customers additional security and compliance options for Cardholder Not Present payments. Bringing together Oracle's market-leading Enterprise Session Border Controller with PCI Pal's proven PCI compliance solutions, Oracle customers can ensure that their voice interactions and sensitive cardholder data are secure.

Coil payments platform leaks user emails in 'Privacy Policy' update
2020-11-17 09:11

Coil has accidentally exposed some of its users' email addresses in a mass email announcement sent out today. At least 1,000 emails disclosed in mass announcement.