The annual cost of worldwide data breaches will surpass $5 trillion by 2024, with North American businesses absorbing the highest share, according to a newly published Juniper Research report. Current yearly cost totals sit at $3 trillion, which means the jump to $5 trillion in five years represents an average annual growth of 11 percent.…
A federal grand jury in Seattle yesterday indicted alleged Capital One data thief Paige Thompson in relation to a series of breaches and cryptojacking attacks that victimized more than 30 different companies. The indictment alleges that Thompson, 33, created a software program that identifies web application firewall misconfigurations while scanning the publicly-facing portion of servers…
Law enforcement authorities rescued roughly 850,000 machines that were infected with Retadup malware by replacing the command-and-control infrastructure with a disinfection server, causing the worm to self-destruct. The operation took place last July under the auspices of the French National Gendarmerie’s Cybercrime Fighting Center and the FBI, and was significantly aided by researchers at Avast,…
Cybersecurity company Imperva today disclosed a data breach that impacts certain customers of its Cloud Web Application Firewall (WAF) product who had accounts through Sept. 15, 2017. The breach exposed email addresses, hashed and salted passwords, and, for a subset of customers, API keys and customer-provided SSL certificates. In a company blog post, Imperva says…
Researchers recently spotted a sneaky phishing scam that uses a phony two-factor authentication request to trick email recipients into entering their Instagram login credentials. “Someone tried to log in to your Instagram account. If this wasn’t you, please use the following code to confirm your identity,” according to the fraudulent email, which provides a six-digit…
After peaking in 2016, the number of active hacktivist groups have since dipped precipitously, as has overall online chatter regarding hacktivism, according to a new report from researchers at Recorded Future. Furthermore, the researchers found a marked reduction in the frequency of large-scale international hacktivism campaigns. Members of the company’s Insikt Group team theorize that…
Web hosting provider and Internet domain registrar Hostinger International, Ltd. has disclosed that an unauthorized third party breached its internal system API last Friday and gained access to data belonging to roughly 14 million users. In a blog post announcement yesterday, the company said that on Aug. 23 it received an alert that someone had…
Federal prosecutors today unsealed a 252-count indictment against 80 individuals – mostly Nigerian nationals – who allegedly conspired to bilk at least $46 million from victims via romance scams, business email compromises and other online fraud schemes. The grand jury indictment was filed in the Central District of California back in October 2018 and unsealed…
Cybercriminals have set a trap for Fortnite gamers, creating a ransomware program that comes disguised as a cheat hack, but actually encrypts files and then deletes them every two hours unless the victim pays up. The ransomware is named Syrk, but researchers at Cyren say in a blog post published this week that it is…
Cybercriminals are upping the ante when it comes to compromising websites with Magecart payment card skimmers, as evidence by the recent discovery of two infected web domains used by poker enthusiasts. A Malwarebytes blog post this week identified the two affected web pages as pokertracker.com and its subdomain pt4pokertracker.com. Both are related to a software…
