Evilnum, a hacking group that targets fintech firms mainly in the U.K. and Europe, is deploying a new remote access Trojan, according to Cybereason. The group is targeting "know your customer" procedures to start these attacks.
Some payment card fraud detection systems that rely on artificial intelligence are now less effective because of changes in consumers' habits during the COVID-19 pandemic, says Rene Perez of Jack Henry & Associates, who offers insights on needed adjustments.
The FBI and CISA say that a Russian newspaper report that claims American voting data was stolen and then offered for sale in darknet forums is inaccurate. The agencies say the data offered for sale is already publicly available, and they portray the newspaper report as part of a disinformation campaign.
Message to anyone who placed or fulfilled an order via the world's largest darknet market, Empire, in recent weeks: Say bye-bye to your cryptocurrency. It's increasingly clear that Empire's administrators "exit scammed," closing up shop and leaving with a horde of digital currency.
Facebook says the Russian troll group that interfered in the 2016 U.S. election is at it again, using sham accounts and a fake news site to spread disinformation in advance of the November election. Facebook says it took down the accounts involved.
Blackbaud is one of a growing number of organizations that say they paid ransomware attackers primarily for their promise to delete exfiltrated data. A class action lawsuit filed against the software vendor in the wake of its breach notification questions whether attackers' promises have any merit.
A global phishing campaign that purports to offer information about surgical masks and other personal protective equipment for use during the COVID-19 pandemic is infecting victims' devices with the AgentTesla remote access Trojan, according to researchers at Area 1 Security.
The need for enhanced business agility and secure remote access to support digital transformation has led to the adoption of the security access service edge, or SASE, model, says Rajpreet Kaur, senior principal analyst at Gartner.
Security professionals are expressing surprise that email service provider Sendgrid did not have multifactor authentication in place to protect its customer accounts, which may have enabled the compromise of a large number of accounts, followed by the sale data on the darknet.
News that a malware-wielding gang of Russians targeted Tesla by attempting to work with an insider should have all organizations asking: What would happen if extortionists attempted to bribe one of our employees to install malicious code designed to steal corporate secrets for ransom?
Tesla CEO Elon Musk says a "serious attack" aimed at stealing corporate data and holding his company to ransom has been thwarted. The FBI has accused a Russian national of attempting to recruit an insider to install malware to steal data, which criminals hoped to ransom for $4 million.