Criminals continue to target on-premises Microsoft Exchange servers that have not yet been updated with four critical patches, including for a ProxyLogon flaw, which is now being targeted by Black Kingdom ransomware. One expert describes the attack code as being "rudimentary and amateurish" but still a threat.
The REvil ransomware gang has added a new malware capability that enables the attackers to reboot an infected device after encryption, security researchers at MalwareHunterTeam report.
A recent phishing scheme used fake Microsoft Office 365 update messages to target financial executives and others in an effort to harvest their credentials, according to the security firm Area 1.
Unemployment fraud incidents have spiked in the past year, and high-salaried senior executives are often the fraudsters’ victims. Dr. Christopher Pierson of BlackCloak describes how these scams are pulled off, what impact they have and how the CISO can bolster defenses.
Fraud is currently at an all-time high, in large part due to the explosive growth of fraud rings. In a 2020 analysis, LexisNexis® Risk Solutions identified over 30,000 potential fraud rings! While the bigger, well-networked fraud rings capture most of the headlines, the majority of fraud rings are relatively small...
DDoS, bad bots and automated attacks – these are the common strikes against organizations that support ecommerce. How can they fend off these attacks without impacting normal human traffic? Edward Roberts of Imperva shares strategies and solutions.
In an interview with Information Security Media Group, Roberts...
Canadian IoT device manufacturer Sierra Wireless reported Tuesday it had suffered a ransomware attack over the weekend, forcing it to halt production. The attack has disrupted its website and some internal operations.
The SolarWinds supply chain attackers manipulated OAuth app certificates to maintain persistence and access privileged resources, including email, according to researchers at Proofpoint.
The Cybersecurity and Infrastructure Security Agency will soon use its new subpoena powers authorized under the 2021 National Defense Authorization Act to help in the battle against ransomware attacks and other cyberthreats, says Brandon Wales, the acting agency director.
As digital payments have skyrocketed as a result of the surge in e-commerce during the pandemic, more organizations have provided feedback on enhancing EMVCo's specifications to help fight fraud, two executives with the global technical body say.
The Accellion File Transfer Appliance data breach continues to cause anguish. The energy company Shell has disclosed that it has been affected. Meanwhile, some customers of a Michigan-based bank have been informed that personally identifiable data has been exposed via the FTA breach.
After the 2008 financial crisis, reform was developed to strengthen the financial resilience of the financial sector but broadly omitted cyber threats and risks.
Yet cyber threats pose a significant challenge to the operational resilience, performance and stability of the financial sector.
Join this session and...
Ransomware-wielding attackers have been in the limelight lately - not just for hitting Acer, Dassault Falcon and celebrity law firms but also for granting tell-all interviews that describe their tactics and motivations.
This year's brisk cybersecurity sector M&A activity is continuing, with five more deals announced in the last two weeks. Here's a rundown of the latest activity.
A Russian national who co-founded the Infraud Organization's online cybercrime forum, which trafficked in stolen payment card data and was tied to more than $560 million in fraud losses, has been sentenced to serve 10 years in prison.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.