Researchers found Android malware masquerading as a legitimate application available and downloaded over 620,000 times from the Google Play store. The apps have been active since 2022, posing as legitimate photo-editing apps, camera editors and smartphone wallpaper packs.
Cybercrime has evolved over the decades, and criminals are running entities that function exactly like legitimate organizations. The high-revenue industry is growing, and those running it continue to improve at doing their jobs, said Jon Clay, vice president of threat intelligence at Trend Micro.
With MFA becoming ubiquitous, hackers are finding it increasingly difficult to use technical skills to penetrate protected systems, leading to an increase in attacks focusing on the human element, said Scott Hellman, supervisory special agent, FBI San Francisco.
Ukrainian law enforcement dismantled more than half a dozen bot farms and a virtual private network infrastructure spreading disinformation and fake Russian propaganda. Ukrainian authorities have dismantled a string of botnet operations in December, September and August of 2022.
Cybersecurity expert Mikko Hypponen recently got sent "LL Morpher," a new piece of malware that uses OpenAI's GPT to rewrite its Python code with every new infection. While more proof-of-concept than current threat, "the whole AI thing right now feels exciting and scary at the same time," he said.
The threat landscape is ever evolving. Modern threat actors constantly develop new tactics, techniques and procedures (TTP) so it's crucial to stay up to date with the latest strategies for protecting your organization.
Security experts from Unit 42™ have unveiled the most commonly observed TTPs in ransomware and...
Joe Sullivan, the former chief security officer of Uber, will not spend time in prison for his role in impeding a federal investigation into the ride-hailing company's security practices. His sentence is three years of probation and a $50,000 fine.
2023 is the year of exposure, said Cyentia Institute's Wade Baker. Exposure dominated Cyentia research this year, and many breaches were linked to mistakes in vulnerability management and poorly managed identities. Organizations are struggling with prioritizing hardware and software vulnerabilities.
The lack of proper monitoring and logging can make it difficult for companies to effectively address breaches. Many companies do not have logs turned on or do not properly configure them to track and record what is necessary. Without logs, the response to a breach can be significantly slower.
Mass exploitation campaigns are the latest of many criminal innovations in 2023. Based on tracing ransom payments, they weren't very profitable. But ransomware actors do love their zero-days, said Allan Liska, principal intelligence analyst at Recorded Future.
An international police operation last month seized Genesis, the largest market for stolen browse cookies, online fingerprints and other types of credentials used for account takeover. Cybersecurity expert John Fokker, whose team at Trellix assisted police, shares insights from the takedown.
International law enforcement agencies arrested hundreds in what authorities say is the largest crackdown on illicit drugs over the dark web, also revealing that German law enforcement was behind the December 2021 disappearance of dark web drug marketplace Monopoly Market.
Pre-RSA social media gaming predicted it. Many predicted they would loath it. And it happened: Discussions at this year's RSA conference again and again came back to generative artificial intelligence - but with a twist. Even some of the skeptics professed their conversion to the temple of AI.
The pandemic brought about notable shifts in technology and cybersecurity. It also widened the attack surface, making it bigger than ever before. This change is driven by factors such as hybrid workplaces, cloud migration and SaaS dependencies, according to SANS Institute's Ed Skoudis.
The number of ransoms paid by organizations is on the decline, which is positive news. But we know that the criminals are always innovating. Valerie Abend, global cyber strategy lead at Accenture, said cybercriminals are constantly learning to accomplish their objectives.