A Russian national has been found guilty of hacking LinkedIn, Dropbox and the now defunct Formspring to steal millions of user credentials, some of which were later sold on underground markets.
How do you proactively manage policy changes, protect devices and stop new threats? You need a radically new approach to network security that can scale faster than manual approaches.
The U.S. Secret Service is combining its electronic and financial crime units into a single task force that will focus on investigating cyber-related financial crimes, such as BEC schemes and ransomware attacks. The move comes as lawmakers push for the Secret Service to take a more active role in fighting cybercrime.
Five billion unique user credentials are circulating on darknet forums, with cybercriminals offering to sell access to bank accounts as well as domain administrator access to corporate networks, according to the security firm Digital Shadows.
For the second time this year, security researchers have found malware embedded in low-cost Android smartphones distributed through a U.S. government program, security firm Malwarebytes reports.
A recently uncovered phishing campaign is using spoofed Zoom account alerts to steal Microsoft Office 365 credentials, according to a report from Abnormal Security. These attacks come as use of the platform soars due to work-from-home arrangements.
Check Point Research reports that a new version of the Joker mobile malware that infects Android devices has emerged. The malware, hidden in apps in the Google Play store, has once again evaded Google's security tools.
A little-known advanced persistent threat group dubbed Evilnum has been targeting fintech firms in the U.K. and Europe over the past two years, using spear-phishing emails and social engineering to start their attacks, according to the security firm ESET.
Did a private cybersecurity firm's report into the "Fxmsp" hacking operation that deduced the identity of the group's alleged leader disrupt a U.S. law enforcement investigation?
The Cerberus banking Trojan and info stealer was found posing as a legitimate money converter app in the Google Play Store, where it was downloaded more than 10,000 times, according to Avast Mobile Threat Labs.
A credit card skimmer that has been operating since April is specifically targeting sites hosted on Microsoft IIS servers that are currently running an out-of-date version of ASP.NET, according to security firm Malwarebytes. About 27 million websites still use this now unsupported software.
The U.S. Justice Department has charged Kazakhstan national Andrey Turchin with being the hacker known as "Fxmsp," as well as running a hacking collective known by the same name that's been tied to 300 attacks worldwide, including against anti-virus vendors.
A hacking group known as "Keeper" has been using Magecart-like web skimmers to target the online checkout sites and portals of hundreds of e-commerce sites in order to steal the payment card data from about 184,000 customers, according to Gemini Advisory. The thefts are estimated to total in the millions.
A U.S. federal court has issued an injunction that gives Microsoft permission to seize control of several malicious domains being used to operate a COVID-19-themed phishing scam, according to recently unsealed court documents.
A newly uncovered Russia-based business email compromise gang has been targeting hundreds of large, multinational corporations in over 40 countries since 2019, according to the security firm Agari.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
