A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.
Researchers are seeing a spike in opportunism by fraudsters and cybercriminals seeking to profit from the COVID-19 crisis. Underground online markets are offering a range of pandemic-related goods, from face masks to fraudulent vaccines.
The average ransom paid by victims to ransomware attackers reached $111,605 in the first quarter of this year, up 33% from the previous quarter, reports ransomware incident response firm Coveware, which sees the Sodinokibi, Ryuk and Phobos malware families continuing to dominate.
Observations gained from the front lines of Incident Response and Proactive Services in 2019 and insights that matter for 2020
The year 2019 ushered in a host of new adversaries, new attack methods and new challenges for the cybersecurity industry. The CrowdStrike® Services team faced these trials head-on, across...
Microsoft has pushed out a patch for a vulnerability in its Teams collaboration platform that could allow an attacker to take over an organization's accounts through the use of a weaponized GIF image.
Some fraudsters have pivoted from using the COVID-19 pandemic as a phishing lure to creating messages and malicious domains designed to capitalize on various U.S. economic stimulus programs.
The World Health Organization, which has been at the forefront of the global COVID-19 pandemic since the start of the year, has witnessed a "dramatic" increase in the number of cyberattacks since the crisis began, according to the organization's CIO.
It's not so much that the threats have changed amidst the COVID-19 pandemic. It's that the attack surface has broadened, and it's more challenging for defenders to coordinate intelligence, tooling and processes, says Jimmy Astle of VMware Carbon Black.
The notorious carder marketplace Joker's Stash is advertising a fresh batch of 400,00 stolen payment cards issued by both South Korea and U.S. banks, warns Group-IB. It says that on average, stolen APAC payment card data sells for five times more than stolen U.S. payment card data.
The U.S. National Security Agency and the Australian Signals Directorate offer guidance on how to mitigate the growing threat posed by attackers using web shells to create backdoors.
VictoryGate, a recently discovered botnet that infected about 35,000 devices with malware, has been disabled by researchers from security firm ESET. The botnet's main purpose was mining monero cryptocurrency.
The lines are rapidly blurring between traditional fraud and rising cybersecurity threats. Financial services leaders are challenged to find ways to rapidly increase visibility across their environments while accelerating responses to threats effectively and efficiently.
Join Jason Pfeiffer, VP of Product Management...
The former vice president of finance at a Georgia-based medical supplies company has been charged with hacking into the firm's computers and "sabotaging" shipment of personal protective equipment in the midst of the COVID-19 crisis.
Apple is now preparing final patches for two zero-day vulnerabilities that a security firm says have been exploited by certain attackers to seize control of iPhone and iPad email apps, giving them access to users' messages.
Two recently uncovered spear-phishing campaigns targeted oil and gas firms in the U.S., Asia and South Africa with AgentTesla, a notorious information stealer, according to Bitdefender. These campaigns appear tied to the global oil crisis.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.