SWIFT Warns of New Bank Attack Targeting PDF Software
Attackers have successfully compromised another bank using the SWIFT messaging system for money transfers, and deployed malware that used an exploit for a vulnerability in PDF software. The attack was a multi-stage effort and officials at SWIFT (Society for World Interbank Financial Telecommunications) say that the attackers have a deep understanding of bank networks and […]
EFF Releases CertBot Client for Let’s Encrypt CA
The EFF has released a new client, called CertBot, to help site owners quickly obtain HTTPS certificates from the Let’s Encrypt certificate authority, making it even simpler to offer encrypted connections for users. Let’s Encrypt is an initiative started by the EFF and many other sponsors to deploy encrypted connections in as many places as […]
Walmart Sues Visa Over Chip-and-PIN Security
In what may be a sign of things to come, Walmart, the world’s largest retailer, has filed a lawsuit against Visa USA over the payment card brand’s refusal to allow consumers to use PINs, rather than signatures, to verify their identities during transactions with chip cards. The suit, filed this week in New York State […]
On the Wire Podcast: David Dewey on Phone Fraud
Dennis Fisher talks with David Dewey, director of research at Pindrop, about the data in the 2016 Phone Fraud Report. Since 2013 there has been a 45 percent increase in phone fraud and now more than one in every 2,000 calls to corporate call centers is fraudulent. This kind of fraud is costing business as […]
SamSam and the Rise of Corporate Ransomware
The SamSam ransomware that caused serious damage to a California hospital and has infected many other enterprises in the United States is continuing to evolve and add new functionality as its developers look to stay ahead of researchers and defenders. SamSam is part of the newer wave of ransomware variants that don’t just rely on individual […]
Call Center Fraud Grows 45% Since 2013
Today we are pleased to announce our latest Pindrop Labs research, the 2016 Call Center Fraud Report. Our team has analyzed over 10 million calls to major enterprise call centers in the US and UK using patented PhoneprintingTM technology. The report outlines impact by vertical, attacker device type, and attacker location for enterprises in the US and […]
Data Shows Phone Fraud Costing Businesses as Much as $27M a Year
Last year, about one in every 1,700 calls to a corporate call center in the United States was from a fraudster, and those malicious calls can cost large organizations as much as $27 million per year, new research shows. The rate of phone fraud in corporate call centers has jumped by more than 45 percent in the last […]
FCC, FTC Demand Info From Carriers and Vendors on Security Updates
The FCC and FTC are demanding information from wireless carriers and device manufacturers on their processes for developing and deploying security updates, including whether carriers delay updates for operating systems with known vulnerabilities or stop offering patches for older versions of an OS. The letter from the FCC went to all of the major United […]
Inside the AlphaLocker Ransomware
The ransomware ecosystem has developed largely underground, and insights into the way that the malware is developed and controlled are rare. But researchers at Cylance recently got an inside look at the way that AlphaLocker ransomware goes about its business and found that the operation is surprisingly simple and yet still quite effective. AlphaLocker is […]