Russian-Dutch multinational e-commerce company Yandex sustained a data breach in which 4,887 customer accounts were compromised after an employee with systems admin privileges gave unauthorized access to attackers.
The latest edition of the ISMG Security Report features an analysis of the critical security issues raised by the hacking of a Florida city water treatment plant. Also featured: The CISO of the World Health Organization discusses supply chain security; hackers steal celebrities' cryptocurrency.
The ongoing lockdown may be complicating the path of Cupid's arrows. But as another Valentine's Day rolls around, authorities are warning that romance scammers - and other types of fraudsters - are alive and well and have been increasingly preying on unsuspecting victims around the world.
Did Russia pass a tough new cryptocurrency law to help authorities recruit or compel criminal hackers to assist the government? That's the thesis of a new report, which notes that the new regulation includes a host of provisions designed to unmask cryptocurrency users' transactions - or else.
The developers of LodaRAT malware, which has previously only targeted Windows devices, have developed a new variant, Loda4Android, that targets Android devices, according to Cisco Talos.
BlackTech, a Chinese advanced persistent threat group, is deploying a sophisticated new shellcode called "BendyBear" as part of its latest espionage campaign, security firm Palo Alto Networks reports.
Hackers used a fake Forcepoint extension, leveraging the Google Chrome Sync feature, to exfiltrate data and send commands to infected browsers, according to a report by a Croation security researcher writing for the SANS Institute.
In the wake of COVID-19-accelerated transformation and the SolarWinds hack, the importance of understanding your organization's digital exposure is more critical than ever. In this latest Cybersecurity Leadership panel, CEOs and CISOs discuss asset discovery and attack surface vulnerability.
Researchers at Kaspersky are warning that fraudsters are targeting Discord users with a scam centered on a fake cryptocurrency exchange and using the lure of free bitcoin or ethereum cryptocurrency to steal money and personal data.
The decline in the total number of U.S. data breaches in 2020 isn't all good news; it reflects that hackers are changing their tactics, says James Lee of the Identity Theft Resource Center, who offers an analysis of the center's new data breach report.
The Fonix ransomware gang has closed down its operations and has released a decryptor key, according to Malwarebytes and Kaspersky. But security researchers warn the gang, like others, might re-emerge with new tactics.
Darknet markets just had their best year ever, led by Hydra, which accounted for 75% of the $1.7 billion in 2020 revenue such markets generated, Chainalysis reports. One key to Hydra's success is the Russian-language marketplace's constant innovation.
The operators behind the Trickbot malware are deploying a new reconnaissance tool dubbed "Masrv" to exfiltrate additional data from targeted networks, according to a Kryptos Logic report. Other researchers have noticed increases in the botnet's activity over the last month.
Financial institutions can leverage network link analysis and dynamic segmentation to help in the fight against money laundering, says Colin Whitmore, senior analyst at Aite Group.
Security researchers at Armorblox uncovered an unusual invoice-themed phishing campaign designed to extract victims' Microsoft Office 365 login credentials, alternate email addresses and phone numbers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
