As senior correspondent for Information Security Media Group's global news desk, Ishita covers news worldwide. She previously worked at Thomson Reuters, where she specialized in reporting breaking news stories on a variety of topics.
Federal agencies will add a layer of security to their websites that use the top-level domain .gov. All the sites eventually will use the HSTS protocol, which ensures that a user's connection to a website is encrypted and can protect against man-in-the middle attacks and cookie hijacking.
Fraudsters are now deploying the IcedID banking Trojan via phishing campaigns that use the COVID-19 pandemic as one of several lures, according to Juniper Threat Labs.
A Nigerian entrepreneur has pleaded guilty to charges stemming from an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar.
The surge in phishing campaigns and other types of fraud using COVID-19 themes has diminished in recent weeks, according to the Microsoft Threat Protection Intelligence Team, which asserts in a new report that such campaigns were never a dominant threat.
U.S. financial institutions are vulnerable to a new array of attacks from cybercriminals and nation-state hackers as a result of the COVID-19 pandemic, experts told a Congressional panel at a virtual hearing.
The notorious Qbot banking Trojan is making a comeback with new features and capabilities that enable it to more effectively steal victims' financial data and credentials, according to cybersecurity researchers at F5 Labs.
Cybercriminals are continuing to take advantage of unsecured Amazon S3 buckets, with RiskIQ researchers recently finding card skimming code and redirects to a long-running malvertising campaign infecting several websites.
Japanese auto giant Honda has confirmed that it sustained a hack attack earlier this week that has affected production operations at several of its global facilities, including plants in the U.S., Japan, Turkey and Italy. Security researchers suspect ransomware is the likely culprit.
An ongoing phishing campaign has targeted top officials at a German multinational company tasked with procuring personal protective equipment during the COVID-19 pandemic, according to IBM. While it's not clear if these attacks were successful, they contain the hallmarks of a nation-state group.
Separate state-sponsored phishing attacks unsuccessfully attempted to infiltrate the campaign offices of President Donald Trump and former Vice President Joe Biden, according to Google. The incidents illustrate ongoing election security challenges.
Fraudsters are using fake VPN update alerts to target remote workers in an effort to steal their Microsoft Office 365 credentials, according to the security firm Abnormal Security.
U.S. federal agencies reported 8% fewer cybersecurity incidents in 2019 compared to the previous year, according to the White House's Office of Management and Budget. But 71 audits of agencies' "high-value assets" showed many remain susceptible to attacks because of a lack of security measures.
The developers behind TrickBot have updated it to run from an infected device's memory to help better avoid detection, according to researchers at Palo Alto Network's Unit 42. The use of this malware has increased during the COVID-19 pandemic.
A recently revamped version of the Valak strain of malware is targeting Microsoft Exchange servers in the U.S. and Germany, according to recent research from Cybereason. The malware has been redesigned to act as an information stealer that can extract corporate data.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.