Security News

Attackers using Ryuk and Sodinokibi - aka REvil - are increasingly "Focusing their attacks on large companies where they can attempt to extort the organization for a seven-figure payout," it says, noting that the average Ryuk ransom payment last quarter was $780,000. One commonality across all types of tools is that attackers overwhelmingly continue to demand ransom payments in bitcoins.

New York state senators have proposed two bills that would require government agencies to tell ransomware attackers to get lost. We've seen mayors in US cities resolve to eschew paying ransom to get their systems back from attackers, but New York is the first state to make a move in that direction - and to back it up with actual legislation.

Aleksey Burkov, a Russian national who was extradited to the U.S. from Israel in November, pleaded guilty Thursday to federal charges related to owning and operating a site called "Cardplanet," which trafficked in stolen payment card data, according to the Justice Department. Burkov, 29, pleaded guilty to charges that included access device fraud; conspiracy to commit computer intrusion, identity theft, wire and access device fraud; and money laundering.

Faster payments are the new reality in more than 40 countries, and this innovation is benefiting consumers and businesses alike. Criminals are also enjoying the speed and non-refutable nature of these transfers, and in many deployments faster payments quickly translates to faster fraud.

Paysafe, a leading specialized payments platform, has expanded its omni-channel payments offering through the launch of the Cloud SDK from Handpoint, a pioneer in defining integrated payments. Complementing the existing Handpoint APIs and SDKs used by Paysafe clients with Android, iOS, and desktop apps, the Cloud SDK allows independent software vendors with cloud-based platforms to provide businesses with enhanced in-person payments.

Dixons Retail is facing a £500,000 penalty from the Information Commissioner's Office after a hacker installed malware that infected thousands of point of sale tills and scooped up 5.6 million payment card details. The ICO told us that in addition to the aforementioned personal financial data, Dixons had initially found that roughly 10 million non-financial records had also been pilfered from the retailer's internal servers and exfiltrated.

"Payment players will need to get their data houses in order, given that we anticipate the introduction of new payment rails and open solutions in 2020, as well as a sustained increase in cross-border transaction volume." "Payment tokens help make transactions safer by eliminating the transfer of actual payment data for e-commerce and mobile payments and can deliver a seamless yet secure digital payment experience."The updated 3-D Secure specification enables real-time exchange of 10 times more contextual data between merchants and financial institutions to improve decision-making.

A researcher has found two new methods that payment card number thieves are using to try to stay under the radar. The attackers are sometimes referred to as Magecart, a name for a slew of groups that steal payment card numbers.

Houston, Texas-based dining, hospitality and gaming company Landry's revealed recently that it had discovered a piece of malware designed to steal payment card information on its systems. Following a payment card breach that hit the company's restaurants in 2015, Landry's started using a payment processing solution that relies on end-to-end encryption to protect sensitive information on point-of-sale terminals.

Landry's, a popular restaurant chain in the United States, has announced a malware attack on its point of sale systems that allowed cybercriminals to steal customers' payment card information. According to the breach notification published this week, the malware was designed to search for and likely steal sensitive customer credit card data, including credit card numbers, expiration dates, verification codes and, in some cases, cardholder names.