Microsoft's security team says the company's Office 365 suite of products did not serve as an initial entry point for the hackers who waged the SolarWinds supply chain attack. And SolarWinds' CEO says that no Office 365 vulnerability has been identified that would have opened the door to the attack.
The decline in the total number of U.S. data breaches in 2020 isn't all good news; it reflects that hackers are changing their tactics, says James Lee of the Identity Theft Resource Center, who offers an analysis of the center's new data breach report.
The Fonix ransomware gang has closed down its operations and has released a decryptor key, according to Malwarebytes and Kaspersky. But security researchers warn the gang, like others, might re-emerge with new tactics.
Darknet markets just had their best year ever, led by Hydra, which accounted for 75% of the $1.7 billion in 2020 revenue such markets generated, Chainalysis reports. One key to Hydra's success is the Russian-language marketplace's constant innovation.
SpyCloud has fresh research into account takeover trends and finds that attacks have recently spiked by 300%. Chip Witt explains the trends behind the stats and offers insight into what enterprises often are overlooking in their ATO prevention strategies.
The latest edition of the ISMG Security Report features an analysis of the persistent threat of ransomware. Also featured: Sorting out breaches tied to Accellion’s File Transfer Appliance; an update on fraud trends in 2021.
Maze was one of the most notorious and successful ransomware operations of recent years until its apparent "retirement" and handover to Egregor in November 2020. Some rivals have suggested both groups have ties to the Russian government. But is that just sour grapes, or even simply an attempted scam?
The operators behind the Trickbot malware are deploying a new reconnaissance tool dubbed "Masrv" to exfiltrate additional data from targeted networks, according to a Kryptos Logic report. Other researchers have noticed increases in the botnet's activity over the last month.
Financial institutions can leverage network link analysis and dynamic segmentation to help in the fight against money laundering, says Colin Whitmore, senior analyst at Aite Group.
Security researchers at Armorblox uncovered an unusual invoice-themed phishing campaign designed to extract victims' Microsoft Office 365 login credentials, alternate email addresses and phone numbers.
A previously undocumented malware variant called "Hildegard" is targeting Kubernetes clusters, according to Palo Alto Networks' Unit 42. The malicious code is likely the work of the TeamTNT hacking group, which mines for monero cryptocurrency.
Alejandro Mayorkas, the newly confirmed secretary of the Department of Homeland Security, says his initial priorities include reviewing all available intelligence on the SolarWinds supply chain hack and scrutinizing the government's cybersecurity programs.
Malwarebytes researchers have uncovered unusual payment card skimming code designed to harvest data that is already being stolen by other hackers on a website.
Small businesses have been disproportionately affected by hackers in recent months. To aid in countering the threat, Mastercard has launched a cybersecurity education effort targeting this market segment. Paul Trueman, a senior vice president Mastercard, explains the “Trust Center” initiative.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.