Microsoft and its partners are continuing to put pressure on the Trickbot malware operation, eliminating an estimated 94% of its infrastructure. But some security researchers warn that the botnet's operators are developing workarounds to re-establish its infrastructure, enabling the group to resume its activities.
MAXEX, a company that develops a digital trading platform for the secondary mortgage market in the U.S., leaked 9 GB of internal documentation as well as full mortgage applications for 23 individuals. The data was released by a Swiss-based developer who apparently was unaware it was sensitive.
A international law enforcement operation involving 16 countries has resulted in the arrest of 20 individuals suspected of belonging to the QQAAZZ criminal network, which helped launder cash and cryptocurrency for other cybercriminals.
The Joker's Stash darknet marketplace has posted a fresh collection of 3 million credit cards that are likely related to a breach of the Dickey's Barbecue Pit chain of franchised restaurants, according to Gemini Advisory.
Criminals have been seeking innovative new ways to steal cash from ATMs. In the U.S., there has been a surge in physical attacks, while Europe has seen a sharp increase in "black box" attacks designed to make ATMs dispense cash on demand.
A newly identified financially motivated threat group, dubbed "FIN11," is deploying Clop ransomware and exfiltrating data from its targets for extortion efforts, according to researchers at FireEye Mandiant.
As new payment trends emerge, such as the surge in ecommerce during the COVID-19 pandemic, payment card standards also must change, says Jeremy King of the PCI Security Standards Council, who will be a featured speaker at ISMG's Virtual Cybersecurity and Fraud Summit: London on Oct. 20.
Business email compromise scams continue to proliferate around the globe, with the U.S. now second only to Nigeria as a home base for the cybercriminal organizations waging the campaigns, according to a study by the security firm Agari.
Despite the takedown of the Trickbot botnet by Microsoft and others Monday, the malware is still functioning, and its operators retain the tools needed to rebuild their malicious network, some cybsersecurity experts say. So the impact, while significant, could prove to be temporary.
Microsoft collaborated with cybersecurity companies and government agencies to take down the million-device Trickbot botnet in an effort to help protect the Nov. 3 U.S. election and stop the global spread of ransomware and other malware.
A hacking group is taking aim at industrial targets in an ongoing cyberespionage campaign, security firm Kaspersky reports. The group, dubbed "MontysThree," uses a variety of techniques, including steganography, to avoid detection.
A hack-for-hire group dubbed "Bahamut" is renting out its espionage and disinformation services to the highest bidder to target nonprofit organizations and diplomats across the Middle East and southern Asia, according to security researchers at BlackBerry.