Qatar National Bank has suffered a massive breach involving 1.4 GB of sensitive internal files being dumped online by unknown attackers. Experts say customers' records, access credentials and payment card data have been exposed.
In an alert to banks, SWIFT warns that it's seen repeat attempts by hackers to subvert its messaging system, which banks around the world use to move money. It's released a "mandatory" software update to help customers identify signs of attack.
A report that the $81 million Bangladesh Bank heist was linked to customized malware has raised questions about the security of SWIFT transactions. But the more critical issue, fraud experts say, is the need for banks to have proper security controls in place to detect and prevent network intrusions.
The U.S. government is actively disrupting - rather than just monitoring - computer systems, networks and communications technologies used by the jihadi fighters known as ISIS, ISIL or Daesh, according to a news report.
The online heist of $81 million from Bangladesh Bank involved custom malware that hacked the database used by the bank's SWIFT software, allowing attackers to transfer money and hide their tracks, according to BAE Systems Applied Intelligence. SWIFT will issue software updates and security guidance to all customers.
Prosecutors have expanded a complex case, involving an alleged pump-and-dump stock scheme, hacking into U.S. banks and operating an unlicensed bitcoin exchange, to include money-laundering charges related to processing bitcoin ransoms paid by ransomware victims.
A previously unknown cybercrime group has hacked into numerous organizations in the retail and hospitality sectors to steal an estimated 20 million payment cards, collectively worth an estimated $400 million via underground cybercrime forum sales, FireEye reports.
Two of the hacker masterminds behind the notorious SpyEye malware have each received lengthy prison sentences after pleading guilty to related charges in U.S. federal court. But alleged Zeus creator and accomplice Evginy Bogachev remains at large.
A jury's decision to award $940 million in damages to electronic health records software vendor Epic Systems, which had sued India's Tata Consultancy Services alleging theft of trade secrets, serves up lessons about the importance of restricting access to all sensitive data, including intellectual property.
Attackers have been exploiting JBoss application servers to install remote-control web shells as part of a campaign that targets enterprises with network-hopping SamSam (a.k.a. Samas) ransomware, researchers at Cisco Talos warn.
A cybercrime gang has been using new malware to target business customers of banks in the United States and Canada and steal millions of dollars, primarily from business accounts, researchers at the IBM X-Force security group warn.
Russian authorities have reportedly sentenced Dmitry "Paunch" Fedotov, the developer of the notorious Blackhole exploit kit that's been linked to large amounts of fraud, to seven years in prison - an unusually severe sentence for online crime in that nation.
Is it ever acceptable for ransomware victims to pay a ransom to obtain the decryption key required to restore access to their data? Due to poor preparation, many organizations continue to face that question.
Backed by its own logo, Badlock refers to a set of critical Samba vulnerabilities in Windows and most Unix/Linux operating systems, which attackers could exploit to launch man-in-the-middle attacks against corporate networks.