What critical factors should organizations consider before taking the step of paying extortionists a ransom in hopes of regaining access to systems or avoiding the release of data in the wake of a ransomware attack? Former FBI special agent Vincent D'Agostino provides guidance.
The latest edition of the ISMG Security Report features an analysis of why the FireEye breach is a wake-up call for the cybersecurity industry. Also featured: Monero cryptocurrency scams; key considerations for cloud security.
The Norwegian parliament's investigation into the hacking of email accounts of some elected officials and government employees in August has found that the Russia-linked group APT28, also known as Fancy Bear, is likely responsible.
"Molerats," an Arabic-speaking advanced persistent threat group that has been targeting victims for several years, is now abusing Facebook accounts, as well as other cloud-based platforms, to deploy previously undocumented malware as part of an ongoing espionage campaign, according to Cybereason.
Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports.
Because 2020 wasn't already exciting enough, now we have to worry about being hunted by adversaries wielding FireEye's penetration testing tools, thanks to the company having suffered a big, bad breach. Here's a list of targeted flaws that every organization should ensure they've patched.
The past year has been marked by economic uncertainty stemming from the global pandemic, which has also created an expanded remote workforce and broadened the attack landscape.
FireEye's disclosure this week of the theft of its penetration testing tools - and its proactive response - has drawn praise but raised many questions, as well.
Government leaders are increasingly calling on cybersecurity researchers to better inform policymakers and are urging businesses to pay more attention to their in-house security teams, according to presenters at this week's Black Hat Europe virtual conference.
A hacking group behind an Android spyware variant has recently added fresh capabilities that include the ability to snoop on private chats on Skype, Instagram and WhatsApp, according to ReversingLabs. This APT group, believed to be tied to Iran, has recently been sanctioned by the U.S. Treasury Department.
If FireEye - one of the top cybersecurity firms - can't protect itself, how can clients be sure anything from anyone will keep them safe? The myth of a "secured environment" has been revealed to be exactly that.
FireEye, one of the world's top cybersecurity firms, says attackers stole its penetration testing tools and sought information about government clients. But FireEye doesn't believe the suspected nation-state hackers exfiltrated any data.
An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales. Fraudsters are likely using these attacks to harvest credentials.
A JavaScript card skimmer group dubbed "FakeSecurity" recently deployed the Raccoon information stealer malware in order to target e-commerce sites to steal payment card details from victims, according to security firm Group-IB.
Alexander Vinnik, a Russian national who founded the now-defunct BTC-e cryptocurrency exchange, has been found guilty of money laundering in France and has been sentenced to five years in prison, according to media reports. He faces additional charges in the U.S. and Russia.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.