Accused JPMorgan Chase Hacker Plans to Plead Guilty

Account Takeover , Anti-Money Laundering (AML) , Breach Notification 83 Million Accounts Compromised as Part of Massive Alleged Fraud Scheme Mathew J. Schwartz (euroinfosec) • September 20, 2019     A Russian man accused of perpetrating the biggest heist of customer bank data in U.S. history intends to plead guilty to charges filed against him, according to court documents. See Also: Webinar | Beyond Managed Security Services: SOC-as-a-Service for Financial…

September 21, 2019
Read More >>

Report: FBI Subpoenaed Data From Banks, Credit Agencies

Cybercrime , Fraud Management & Cybercrime , Governance Corporations Received ‘National Security Letters’ Demanding Information Scott Ferguson (@Ferguson_Writes) • September 20, 2019     (Photo: Tim Evanson via Flickr/CC ) The FBI has issued hundreds of subpoenas to major banks, the big three credit rating agencies and other corporations as part of an ongoing counterterrorism program that collects personal and financial data, the New York Times reports. See Also: 10…

September 20, 2019
Read More >>

Other Attackers Reuse Old Magecart Domains: Report

Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management Researchers Say Widespread Web-Skimming Attacks Spawn Secondary Cybercrime Market Jeffrey Burt (jburttech) • September 20, 2019     Decommissioned domains that were part of the pervasive Magecart web-skimming campaigns are being put to use by other cybercriminals who are re-activating them for other scams, including malvertising, according to researchers at RiskIQ, a San Francisco-based cybersecurity firm. See Also: Webinar |…

September 20, 2019
Read More >>

Eight US Cities See Payment Card Data Stolen

Application Security , Electronic / Mobile Payments Fraud , Fraud Management & Cybercrime Vulnerability in Click2Gov Software Has Been Patched, Vendor Says Jeremy Kirk (jeremy_kirk) • September 20, 2019     Photo: Petr Kratochvia via Wikimedia Commons More than 20,000 payment card records have been harvested from the Click2Gov payment portals of eight U.S. cities in a second wave of attacks that follows a large one last year, according to…

September 20, 2019
Read More >>

JPMorgan Chase’s Accused Hacker Plans to Plead Guilty

83 Million Accounts Compromised as Part of Massive Alleged Fraud Scheme Mathew J. Schwartz (euroinfosec) • September 20, 2019     A Russian man accused of perpetrating the biggest heist of customer bank data in U.S. history intends to plead guilty to charges filed against him, according to court documents. See Also: Webinar | Beyond Managed Security Services: SOC-as-a-Service for Financial Institutions Andrei Tyurin, 36, was extradited from the Eastern…

September 20, 2019
Read More >>

Analysis: Fallout From the Snowden Memoir

The latest edition of the ISMG Security Report features a discussion of the controversies surrounding the release of whistleblower Edward Snowden’s memoir. In this report, you’ll hear (click on player beneath image to listen): ISMG’s Mathew Schwartz analyze the implications of Snowden’s memoir; ISMG’s Jeremy Kirk discuss the missteps in the disclosure of a Lumen PDF breach; Accenture Security’s Valerie Abend describe how U.S. banks are tackling identity management. The…

September 20, 2019
Read More >>

Eight US Cities See Payment Data Card Stolen

Vulnerability in Click2Gov Software Has Been Patched, Vendor Says Jeremy Kirk (jeremy_kirk) • September 20, 2019     Photo: Petr Kratochvia via Wikimedia Commons More than 20,000 payment card records have been harvested from the Click2Gov payment portals of eight U.S. cities, a second wave of attacks that follows a large one late year, according to a firm that tracks stolen payment card data. See Also: Webinar | Beyond Managed…

September 20, 2019
Read More >>

Phony IRS Emails Promise Refund, But Deliver Botnet Instead

Cybercrime , Fraud Management & Cybercrime , Social Engineering Cofense: Phishing Campaign Helps Spread the New Amadey Botnet Apurva Venkat (@VenkatApurva) • September 19, 2019     A new phishing email campaign promises to deliver a tax refund, but instead helps spread a botnet called Amadey, according to researchers at the security firm Cofense. See Also: Webinar | Beyond Managed Security Services: SOC-as-a-Service for Financial Institutions These phishing emails are…

September 19, 2019
Read More >>

Facebook Removes Hundreds of Fake Accounts

Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Social Media Majority of Phony Postings Originated in Ukraine and Iraq Akshaya Asokan (asokan_akshaya) • September 19, 2019     Fake pages that Facebook has recently removed (Image: Facebook) Facebook announced this week that it has removed hundreds of fake user accounts and pages after an investigation determined they were used to spread misinformation about local politics and events. See…

September 19, 2019
Read More >>

Cryptoming Botnet Smominru Returns With a Vengeance

Cybercrime , Endpoint Security , Fraud Management & Cybercrime Researchers: New Campaign Spreading Worldwide Jeffrey Burt (jburttech) • September 19, 2019     The crypotmining botnet Smominru, which has been around since at least 2017, has resurfaced with a new campaign that has infected 90,000 devices worldwide, including in the U.S., China and Russia, according to security analysts at Guardicore, a Boston-based security firm. See Also: Key Trends in Payments…

September 19, 2019
Read More >>