Security News

India contemplates compulsory dynamic 2FA for digital payments
2024-08-02 03:30

India's central bank on Wednesday proposed a requirement for dynamically generated second authentication factors for most digital payments. "Reserve Bank of India had mandated additional factor of authentication for all transactions undertaken using cards, prepaid instruments and mobile banking channels," explained the central bank.

Cyber insurance isn’t the answer for ransom payments
2024-06-07 04:30

"Our report delivers a clear message: ransomware attacks will continue, be more severe than predicted, and the overall impact will cost organizations more than they expect. Organizations must take action to ensure cyber resiliency and acknowledge that rapid, clean recovery matters most," added Russell. Despite increased focus on cyber-preparedness, organizations still face a misalignment between their backup and cyber teams.

Ransomware negotiator weighs in on the extortion payment debate with El Reg
2024-05-12 20:03

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Japanese police create fake support scam payment cards to warn victims
2024-04-27 17:11

Japanese police placed fake payment cards in convenience stores to protect the elderly targeted by tech support scams or unpaid money fraud. The cards are labeled "Virus Trojan Horse Removal Payment Card" and "Unpaid Bill Late Fee Payment Card," and were created by the Echizen Police in the Fukui prefecture in Japan as an alert mechanism.

Ransomware payments drop to record low of 28% in Q1 2024
2024-04-21 14:21

Ransomware actors have had a rough start this year, as stats from cybersecurity firm Coveware show companies are increasingly refusing to pay extortion demands, leading to a record low of 28% of companies paying ransom in the first quarter of 2024. It is essential to note that despite the drop in the payment rate, the amount paid to ransomware actors is higher than ever before, reaching $1.1 billion last year, according to a Chainalysis report.

Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!
2024-04-19 12:43

More organizations hit by ransomware gangs are starting to realize that it doesn't pay to pay up: "In Q1 2024, the proportion of victims that chose to pay touched a new record low of 28%," ransomware incident response firm Coveware has found. "LockBit was found to still be holding the stolen data of victims that had paid a ransom, and we have also seen prior Hive victims that had paid the extortion, have their data posted on the Hunters International leak site," the company said, noting that "Future victims of data exfiltration extortion are getting more evidence daily that payments to suppress leaks have little efficacy in the short and long term."

Ransomware group maturity should influence ransom payment decision
2024-04-11 13:07

Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, deleted from attackers' servers, and/or not leaked online. The decision will depend on a variety of factors but, according to GuidePoint Security, an important one should be the overall maturity and prominence of the ransomware operators who pulled off the attack.

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites
2024-04-06 09:43

Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been...

Cyberattack hits Omni Hotels systems, taking out bookings, payments, door locks
2024-04-03 19:28

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

How CISOs tackle business payment fraud
2024-03-28 05:00

In this Help Net Security video, Shai Gabay, CEO of Trustmi, discusses why payments are a source of cyber worry for CISOs. CISOs are worried about Business Email Compromise, cyber attackers' use of AI, and securing the supply chain.