Collaborate Disseminate
Visa has initiated pilots with Mountain America Credit Union and Bank of Cyprus of a new EMV dual-interface (chip- and contactless-enabled) payment card, making these the first commercial pilots to test an on-card biometric for contactless payments. Wi… Continue reading On-card biometric for contactless payments tested in first commercial pilots
The Magecart campaign, aimed at compromising online shops with malicious JavaScript code to collects payment card info, is still going strong, and researchers have pinpointed another way threat actors behind it monetize the stolen information. First spotted in October 2016 by RiskIQ and ClearSky researchers, Magecart mainly hits e-commerce sites running outdated and unpatched versions of shopping cart software from Magento, Powerfront, and OpenCart. After gaining access to the web platforms, the attackers change the … More → Continue reading How Magecart attackers monetize stolen payment card info
32-year-old Roman Valeryevich Seleznev, aka Track2, has been handed the longest US hacking sentence to date: 27 years in prison. He was convicted in August 2016, of 38 counts (intentional damage to a protected computer, obtaining information from a protected computer, possession of unauthorized access devices and aggravated identity theft) related to his scheme to hack into point-of-sale computers to steal credit card numbers and sell them on dark market websites. The unprecedentedly long prison … More → Continue reading Russian carding industry pioneer sentenced to 27 years in prison
Distributed guessing attacks are surprisingly effective. Continue reading Thieves can guess your secret Visa card details in just seconds
More than 1 million incidents of financial fraud – payment card, remote banking and cheque fraud – occurred in the first six months of 2016, according to official figures released by Financial Fraud Action UK. To compare, in the first six months of 2015 there were a little over 660,000 cases. “Banks and other financial service providers work hard to protect their customers, using highly sophisticated security systems. Last year, banks stopped £7 in £10 … More → Continue reading UK: Financial fraud soars
American Express users are being actively targeted with phishing emails impersonating the company and advising users to create an “American Express Personal Safe Key” to improve the security of their accounts. Users who fall for the scheme are directed to a bogus Amex login page (at http://amexcloudcervice.com/login/). Once they enter their user ID and password, they are taken to a bogus page that ostensibly leads them trough the SafeKey setup process. The victims are asked … More → Continue reading Amex users hit with phishing email offering anti-phishing protection
Oracle confirms to Krebs that all MICROS customers have been asked to reset passwords. Continue reading Oracle-owned point-of-sale service suffers from malware attack
In the early morning hours of May 15, 2016, a group of over 100 people executed coordinated, fraudulent ATM withdrawals that netted them about 1.44 billion yen. In a period of less than three hours, the members of the group went around Tokyo and 16 other prefectures, and repeatedly withdrew 100,000 yen from ATMs located in convenience stores. All in all, over 14,000 fraudulent withdrawals have been executed with the help of forged payment cards. … More → Continue reading Criminals stole $12.7 million from ATMs in Japan