If you've managed to equip your home with smart devices and appliances that work properly, you probably think you're all set. But there are no regulations around how long manufacturers must provide security updates, which could mean a smart device could become a risk.
Researchers at two security firms are tracking separate phishing campaigns that are targeting customers of Wells Fargo and Bank of America, according to reports. In each case, the fraudsters are attempting to steal users' credentials using various methods and lures.
Authorities have arrested a suspect accused of hacking the University of Pittsburgh Medical Center's human resources database in 2014 and stealing personally identifiable information from 65,000 employees, which was then used for tax fraud.
Google has removed more than 70 malicious Chrome extensions after researchers with security firm Awake Security discovered the extensions could be used to steal users' credentials and security tokens.
The surge in phishing campaigns and other types of fraud using COVID-19 themes has diminished in recent weeks, according to the Microsoft Threat Protection Intelligence Team, which asserts in a new report that such campaigns were never a dominant threat.
The latest edition of the ISMG Security Report discusses recent research on the cyberthreats in multicloud environments and how to mitigate them. Also featured: A ransomware risk management update; tips on disaster planning.
U.S. financial institutions are vulnerable to a new array of attacks from cybercriminals and nation-state hackers as a result of the COVID-19 pandemic, experts told a Congressional panel at a virtual hearing.
Several Nigerian nationals have been indicted for their alleged involvement in business email compromise campaigns from 2015 to 2017 that targeted U.S. businesses.
The Maze ransomware gang is continuing to exfiltrate data from victims before crypto-locking their systems, then leaking the data to try to force non-payers to accede to its ransom demands. Don't want to play ransomware gangs' latest games? The only way to opt out is by planning ahead.
Semiconductor manufacturer MaxLinear confirmed this week that it was hit by the Maze ransomware gang in April and some "proprietary information" was exfiltrated and personally identifiable information exposed.
The notorious Qbot banking Trojan is making a comeback with new features and capabilities that enable it to more effectively steal victims' financial data and credentials, according to cybersecurity researchers at F5 Labs.
Vulnerabilities due to "coding errors" in a number of mobile banking applications make them all too susceptible to hacking and customer account data theft, the security firm Positive Technologies warns.
If your organization gets hit by ransomware, what should happen next? Ideally, organizations will get help to identify the best response, says Kroll's Alan Brill. He notes that many organizations are now carrying cyber insurance coverage, in part, to gain rapid access to incident response tools and expertise.
An internal CIA report from 2017 - just released in heavily redacted form - found that the agency's failure to secure its own systems facilitated the massive "Vault 7" data breach that enabled classified information, including details of 35 CIA hacking tools, to be leaked to WikiLeaks.
The Trump administration's continued press against China snared an unintended victim: America's own influence over 5G standards development. But the U.S. Commerce Department says a new rule will free U.S. firms to work with any company, including China's Huawei, on developing new telecommunications standards.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.