Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.
Magecart, the criminal group behind the recent data breach at certain Ticketmaster websites, may have also hit the company's sites in Australia, New Zealand, Turkey and Hungary, according to RiskIQ, which says the group's digital payment card skimmers may also affect as many as 800 other e-commerce sites.
Attackers have stolen $23.5 million in cryptocurrency from Bancor, which is developing a decentralized exchange. The cause of the hack may have been a failure by Bancor to protect authentication keys that allowed for changes in its token smart contracts.
Banco de Chile has become the latest victim of a SWIFT-related malware incident. Attackers first corrupted thousands of PCs' master boot records as a distraction. Then they used fraudulent SWIFT messages to steal $10 million.
Australian police in Queensland are pursuing a criminal investigation into what may be one of the first instances of a company swiping cryptocurrency using a software backdoor after a business deal went bad.
Experts have long warned that bitcoin is not as private as it appears. The very design of bitcoin, as well as some other virtual currencies, can lend a surprising amount of information about the groups using it to transact. In fact, it's sometimes easier to track than if criminals used the banking system.
A group of cybercriminals known for their persistence and precision in executing attacks against banks' ATMs and card processing infrastructures has regrouped despite the arrest of their alleged leader.
Mexican officials are investigating a series of technical glitches that may have been a prelude to a large cyberattack affecting at least five banks, according to news reports. While the full scope of the incidents remains unclear, up to $20 million may have been stolen.
A remote code execution vulnerability revealed in late March in the Drupal content management system is now being used on a large scale for mining the virtual currency monero, a researcher says. At least 400 websites have been infected, and the total number is likely far higher, security experts warn.
Ransomware isn't an easy area to study. But a team of researchers has calculated the minimum paid by all ransomware victims over a two-year period, and found that nearly 75 percent of the bitcoins attackers received got funneled onto Russia's now-shuttered BTC-e cryptocurrency exchange.
Attackers recently snuck cryptomining code onto thousands of websites by inserting it into a third-party accessibility plug-in called Browsealoud. Web specifications designed to guard against these types of rogue actions by third-party code libraries already exist. Why aren't more sites using them?
Australia is the latest country to roll out real-time payments, where funds from an account at one bank reach an account at another bank in seconds. While convenient, the system poses fresh fraud challenges and consumer protection concerns.
More than 4,200 websites, some belonging to the U.S., U.K. and Australian governments, have been turning their visitors' computers into mining machines to harvest the virtual currency Monero. The security lapse continues the recent trend of cryptocurrency mining malware overtaking ransomware.
The booming interest and sometimes surging values of cryptocurrencies are drawing the interest of cybercriminals on a scale never seen before - including attacks aimed at trying to steal computing power to mine cryptocurrency.
The browser is the window to the web. But what's going in the background during that browsing is opaque to most users. A new experiment shows how the computing power of tens of thousands of computers could be unknowingly harnessed to crack passwords, harvest cryptocurrencies or conduct DDoS attacks.
The international payments system is largely based on the three-decades old SWIFT messaging system. But cyberattackers have exploited weak controls employed by banks to make fraudulent transfers. Nick Armstrong of Identitii discusses a path forward for securing payments made with legacy systems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing fraudtoday.io, you agree to our use of cookies.