A new kind of point-of-sale malware similar to that which struck Target is being sold in underground markets. The malware was found on VirusTotal, a website where people can submit malware samples to see if one of several dozen security applications detects it.
It had also been advertised on an underground carding website, where people buy and sell stolen payment card data. Retailers across the USA have been hit hard by malware that scans the volatile memory of computers connected to point-of-sale systems, which handle card payments. It appears to share some of the same source code as Dexter and other characteristics of Chewbacca.
Read moreA hacking group has been stealing identity information and reading emails to get the inside edge on stock markets to buy and sell to make quick profits. Vendor FireEye reckons the group sent articulate phishing emails with malicious attachments demonstrating "deep" knowledge of financial markets and corporate communications.
In one instance the attackers targeted five organisations involved in a then non-public merger, months before the deal was announced. In another, it used information gleaned from a hacked consultancy to better target that firm's clients. Malware researchers said the FIN4 group targeted a lot of firms.
Read moreA Vulnerability has been discovered in the wildly popular messaging app WhatsApp, which allows anyone to remotely crash WhatsApp just by sending a specially crafted message. Two India based independent security researchers demonstrated the WhatsApp Message Handler vulnerability to one of our security analyst.
The worried impact of the vulnerability is that the user who received the specially crafted message will have to delete his/her whole conversation and start a fresh chat, because opening the message keeps on crashing WhatsApp unless the chat is deleted completely. What makes it more serious is that one needs to delete entire chat with the person they are chatting to in order to get back whatsapp work in normal.
Read moreData released from a consumer security risks survey found that nearly a third of participants are casual when making online transactions. This action leads to security vulnerability of financial data at risk and poses problems for banks and e-payment systems if they have to refund their clients’ losses.
The study was conducted through an online survey from May to June this year with users from 23 countries. Though users are worried about cyber threats, they still do little to protect themselves. Shocking data shows that children are the most vulnerable Internet users, which poses as a danger for parents.
Read moreA survey by One Poll and Dimensional Research on holiday shopping security practices evaluated online cybersecurity awareness of consumers from the USA and United Kingdom, and revealed that a lot of people believe emails from “trusted brands” are safe to click, and some respondents anticipate doing at least part of their holiday shopping while at work.
Cybercriminals are very resourceful, and they know that the siren song of a good deal is almost always irresistible to bargain hunters. The number one reason to click is trust in a brand, which isn't good there are some very convincing phishing emails that look nearly identical to the real thing.
Read moreBanks in Europe are warning about the emergence of a rare, virtually invisible form of ATM skimmer involving a so-called “wiretapping” device that is inserted through a tiny hole cut in the cash machine’s front. The hole is covered up by a fake decal, and the thieves then use custom-made equipment.
A nonprofit that represents banks in many countries, financial institutions in two countries recently reported ATM attacks in which the card data was compromised internally by “wire-tapping” or “eavesdropping” on the customer transaction. The image below shows some criminal equipment used to perpetrate these eavesdropping attacks.
Read moreExperts warned about the wave of Internet fraud with mobile applications: users of WhatsApp messenger propose to disable the indicator read messages. New feature – indicator reading messages – appeared in WhatsApp in November.
One gray check mark indicates that the message came to the messenger server, dual gray – on a mobile device, dual blue – the chat window is opened by the user. Not all users have approved the innovation, but at the moment to get rid of it is impossible. The dissatisfaction of the users of the most popular in the world of instant messenger benefited from the Scam.
Read moreVirus analysts explored a new Trojan horse, designed to infect smartphones and tablets running the Android OS. This malicious program is capable of stealing personal information of owners of mobile devices, as well as to steal money from Bank accounts.
To start its malicious activity it can only after installation in the system by the owner of the mobile device. It should be noted that the choice of application for simulation depends entirely on the imagination of writers and can be absolutely anything. Once installed, the Trojan sets up a shortcut on the home screen. In Fact, virus is able to implement on the infected Android device two attack scenario.
Read moreNearly half of all web application cyber attack campaigns target retail applications, a study has shown. The retail sector is the most heavily targeted by this type of attack, according to the latest web application attack report by security firm.
The warning comes as online retailers gear up for the two busiest days of the online shopping year in the US and increasingly in the UK too. Websites containing consumer information, which require some form of log-in credentials, suffer from the attacks. Consumer information, such as personal details and credit cards, are a valuable and tradable black market piece of information.
Read moreEarlier this week a federal court in Florida issued a temporary restraining order shutting down a series of organizations in the business of peddling fake software and nonexistent tech support services, temporarily freezing the assets of those companies’ and placing them under the control of a court-appointed receiver.
The scam relies on its victims downloading a piece of free trial software that claims to enhance computer performance or increase security. Once the software is installed, it runs a fake scan on the machine. The defendants’ scanner allegedly always detects a number of problems. Of course, the trial software then informs users that they will need to purchase the full version of the software in order to remedy the issues detected by the scanner.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland