ThreatList: $1.1M is Lost to Cybercrime Every Minute of Every Day
Every minute, there are also 5,518 records leaked from publicly disclosed incidents. Continue reading ThreatList: $1.1M is Lost to Cybercrime Every Minute of Every Day
Category Archives: RiskIQ
Cybercrime gangs continue to go where the money is
According to the APWG’s new Phishing Activity Trends Report, phishing in the first part of 2018 surged 46 percent higher than late 2017. The total number of phish detected in the first quarter of 2018 was 263,538. That was up from the 180,577 observed … Continue reading Cybercrime gangs continue to go where the money is
WhiteHat Security and RiskIQ partner to fortify digital asset management
As businesses migrate to digital channels to improve their product offerings, promote business and enhance customer and employee engagement, their online presence and attack surface simultaneously expand—opening doors to brand misuse and even data thef… Continue reading WhiteHat Security and RiskIQ partner to fortify digital asset management
Ticketmaster breach part of massive credit card skimming campaign
RiskIQ researchers have discovered that the recent breach of Ticketmaster was not a one-off event as initially reported, but part of a massive digital credit card-skimming campaign by the threat group Magecart affecting over 800 e-commerce sites around… Continue reading Ticketmaster breach part of massive credit card skimming campaign
Report suggests Ticketmaster breach was broader than initial disclosure
A payment data breach disclosed by Ticketmaster UK last month was just one effort amid a much wider skimming campaign, according to a report released Tuesday by cybersecurity company RiskIQ. Ticketmaster UK said that it was breached via Inbenta, a third-party customer service chat application it used on its website. According to RiskIQ, the breach was the work of Magecart, a threat group that seeks out insecure code on e-commerce website. The group then modifies or replaces the code in order to steal customers’ payment information. Ticketmaster’s and Inbenta’s initial accounts of the breach differed slightly. The ticketing giant stressed that the compromise happened via a tool provided by Inbenta. While Inbenta acknowledged that the JavaScript code provided to Ticketmaster was the source of the breach, Inbenta claimed the breach occurred because the ticketing company applied the code to its payments page without notifying Inbenta. However, RiskIQ says it observed instances where the Inbenta […]
The post Report suggests Ticketmaster breach was broader than initial disclosure appeared first on Cyberscoop.
Continue reading Report suggests Ticketmaster breach was broader than initial disclosure
Cryptomining apps are on the rise, malicious apps in app stores decline
RiskIQ analyzed 120 mobile app stores and more than two billion daily scanned resources. The findings showed that taking advantage of the popularity and volatility of the cryptocurrency landscape is paying off for threat actors via the mobile attack ve… Continue reading Cryptomining apps are on the rise, malicious apps in app stores decline
Malicious apps in app stores decrease 37 percent
Malicious mobile apps were on the decline in Q4 of 2017 largely due to a decrease in the inventory of AndroidAPKDescargar, the most prolific dealer of blacklisted apps, according to RiskIQ in its Q4 mobile threat landscape report, which analyzed 120 mo… Continue reading Malicious apps in app stores decrease 37 percent
Here’s what keeps your CISO up at night
89.1 percent of all information security leaders are concerned about the rise of digital threats they are experiencing across web, social and mobile channels, according to the 2018 CISO Survey by RiskIQ. Some 1,691 U.S. and U.K. information security le… Continue reading Here’s what keeps your CISO up at night
Infosec expert viewpoint: Google Play malware
Researchers routinely discover a variety of malicious apps on Google Play, some of which have been downloaded and installed on millions of devices worldwide. Here’s what infosec experts think about the security of Google Play, what they think Google sh… Continue reading Infosec expert viewpoint: Google Play malware
North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season
Cybercriminals linked to North Korea appear to be simultaneously targeting point-of-sale (POS) systems as well as cryptocurrency platforms as the annual holiday spike continues in retail stores and the hype surrounding bitcoin surges, according to research by cybersecurity firms Proofpoint and RiskIQ. Reports by the two companies published late Tuesday shine a light on the ways in which hackers are increasingly developing different types of custom attacks to either steal cryptocurrency or infect computers with so-called “cryptojacking” software. The latter involves the covert installation of malicious computer code into compromised web browsers in order to siphon off processing power, which can in turn be used to mine cryptocurrencies. The researchers say the hacks in question are connected to the Lazarus Group, the cybersecurity community’s name for North Korea’s premier cybercrime and cyber-espionage organization. Attacks on the financial system are one of the communist regime’s chief sources of funding as it faces global sanctions […]
The post North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season appeared first on Cyberscoop.