Point-of-sale device manufacturers Verifone and Ingenico have released fixes for flaws in some of their devices after researchers found the vulnerabilities could have enabled attackers to steal payment card data, clone cards or install malware.
As one of the fastest growing markets, MENAP represents a huge opportunity for merchants in the region and on a global scale. But success depends on understanding the changing consumer behaviors, accelerated by COVID-19. Like a positive shift in sentiment towards the security of digital payments.
Plus, explore...
Criminals have been seeking innovative new ways to steal cash from ATMs. In the U.S., there has been a surge in physical attacks, while Europe has seen a sharp increase in "black box" attacks designed to make ATMs dispense cash on demand.
Despite the shift to e-commerce during the pandemic, attacks against POS devices persist. For example, Visa's payment fraud disruption team uncovered recent malware attacks on POS devices used by two North American hospitality companies.
A flaw in how contactless cards from Visa - and potentially other issuers - have implemented the EMV protocol can be abused to bypass PIN verification for high-value transactions, ETH Zurich researchers warn. But Visa says the exploits would be "impractical for fraudsters to employ" in real-world attacks.
Diebold Nixdorf and NCR have issued patches for ATM software vulnerabilities that could enable a hacker with physical access to the devices to commit deposit forgery, according to the Carnegie Mellon University CERT Coordination Center.
Dozens of suspects have reportedly been arrested in connection with an ATM cash-out scheme that targeted Santander Bank branches in New Jersey, New York and Connecticut.
Diebold Nixdorf, a major manufacturer of ATMs, has issued an alert about "jackpotting" or "cash-out" attacks that are draining cash from its machines in several European countries. What makes these attacks unusual?
The notorious carder marketplace Joker's Stash is advertising a fresh batch of 400,00 stolen payment cards issued by both South Korea and U.S. banks, warns Group-IB. It says that on average, stolen APAC payment card data sells for five times more than stolen U.S. payment card data.
Faster payments are the new reality in more than 40 countries, and this innovation is benefiting consumers and businesses alike. Criminals are also enjoying the speed and non-refutable nature of these transfers, and in many deployments faster payments quickly translates to faster fraud.
This does not have to be the...
A New York man was sentenced to five years in federal prison Tuesday after pleading guilty to helping a criminal gang steal nearly $400,000 from several banks through a physical ATM skimming scheme that continued for two years.
The notorious Joker's Stash cybercrime marketplace, which specializes in selling stolen payment card data, has a new listing for 1.3 million credit and debit cards, almost all of which appear to have been issued by Indian banks, reports threat intelligence firm Group-IB.
A newly discovered remote access Trojan called Dtrack has been targeting banks in India for well over a year, Kaspersky researchers say. The malware, which can steal data from ATMs and doubles as a cyberespionage tool, appears to be linked to North Korea's Lazarus Group.
Cybercrime is surging thanks, in part, to the availability of inexpensive hacking tools and services. A recent look by security firm Armour at black market offerings finds stolen payment card data, RDP credentials, ransomware and DDoS services are widely available for sale.
"Silence," a Russian-speaking criminal group that has stolen $4.2 million from ATMs and financial institutions since 2016, has become more active this year, using new tools and tactics in its attacks and expanding its reach globally, according to the security firm Group-IB.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
