Security researchers recently uncovered a new version of the Backoff POS malware, which offers several new features that make it tougher to eradicate. This infographic offers a roundup of a number of significant recent malware developments.
FireEye is warning Apple users about a flaw in which downloaded malicious apps can replace genuine iOS apps, an exploit the security firm is dubbing the "Masque Attack." Experts offer insights on mitigating the threat.
MasterCard is testing a biometric wristband that authenticates a user's identity for payment card transactions by monitoring their heartbeat. Payment experts weigh in on whether the technology has the potential for widespread use in preventing card fraud.
Poor post-breach communication can cause as much damage to a company's reputation as the cyber-incident itself, says Al Pascual, a senior analyst at Javelin Strategy & Research, who will speak at ISMG's Fraud Summit Dallas.
U.S. and European law enforcement officials have arrested 17 alleged vendors and operators of illegal "Darknet" online marketplaces, shuttered 410 websites - including Silk Road 2.0 - and seized narcotics and $1 million in bitcoins.
A hotel booking website hack - resulting in stolen payment cards - triggers a regulator's warning that businesses still need to pay close attention to eliminating SQL injection vulnerabilities from their websites and emphasizing secure coding.
In addition to 56 million payment cards being compromised in the Home Depot data breach, approximately 53 million e-mail addresses also were stolen, the retailer reported in an investigation update on Nov. 6.
The developers of the Backoff point-of-sale malware that's infected more than 1,000 U.S. businesses have continued to refine their attack code, including encrypting communications and making the malware tougher to spot or eradicate, researchers say.
Apple iOS and Mac OS X devices are susceptible to WireLurker, a previously unseen malware family that spreads via a third-party Chinese app store, and which can infect even non-jailbroken iOS devices, Palo Alto Networks warns.
The Dutch government this week upheld a 2012 U.S. extradition request for Vladimir Drinkman, who's accused of masterminding the "Shadowcrew" team that hacked Nasdaq, 7-Eleven and others, stealing 160 million cards and causing $300 million in damages.
Nearly three years after his indictment, the alleged kingpin of an Estonian gang that infected 4 million PCs in more than 100 countries with malware, generating an estimated $14 million in fraudulent online ad revenue, has been extradited to the U.S.
A foreign currency flaw in Visa's EMV-based contactless payment card system in the U.K. could be abused to commit fraud using NFC-enabled Android devices, researchers say. But Visa discounts the possibility of real-world attacks succeeding.
Automated attacks have potentially compromised the majority of websites that run the Drupal content management system, giving attackers platforms for launching malware, DDoS attacks and spam, according to the Drupal security team.
The developer of CurrentC, a mobile wallet application, has confirmed a breach at its e-mail provider, which has resulted in the compromise of e-mail addresses for those participating in a pilot program or who requested information about it.
As part of their breach response strategies, organizations need to establish clear guidelines in advance so they know when it's appropriate to offer victims free credit monitoring or ID theft protection services.