An unidentified hacking group is deploying a rootkit dubbed Netfilter, which is signed in as a legitimate Microsoft driver but used to affect gaming outcomes, researchers at German security firm G Data CyberDefense say.
The U.S. has seized the domains of 36 websites linked with Iran and Iraq for allegedly publishing disinformation and running malicious influencing campaigns targeting Americans. Those running the sites violated sanctions by not obtaining a license to buy domain names from U.S. companies.
How can financial institutions deal with the problem of authorized push payment fraud? Three experts - Karen Boyer of People’s United Bank, Alasdair MacFarlane of NatWest Bank and Dave Excell of Featurespace - offer their insights on best practices.
Fraudsters falsely claiming to be the now-shuttered DarkSide ransomware gang are targeting organizations in the food and energy sectors by sending hoax emails that attempt to extort ransoms from victims, the security firm Trend Micro reports. None of the victims has detected a data compromise so far.
Cybercriminals have added a devious weapon to their attack arsenals - malicious browser notifications. And the worst part is they’re not blocked by any current cyber defense. These innocuous looking pop ups can wreak havoc on your network while remaining completely undetected. They look more realistic than...
Criminals tricked into using an FBI-run encrypted messaging app, Verizon's 2021 Breach Investigations Report and overcoming the challenges of recruiting cybersecurity professionals are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
The Identity Theft Resource Center, a nationally recognized nonprofit organization established to support victims of identity crime, has published new research that shows nearly 30% of people who contact the ITRC are victims of more than one identity crime.
Election security improvements, the push for all software to ship with a "bill of materials" and the results of a long-running investigation into a lucrative digital advertising scam are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
Phishing, ransomware and unauthorized access continue to be the leading cyber causes of violations of data protection rules and personal data breaches, Britain's privacy watchdog reports. U.K. authorities say that breach reporting to regulators and law enforcement agencies remains relatively steady.
A newly uncovered ransomware variant dubbed 'Epsilon Red' is targeting organizations in the U.S. hospitality sector, with the threat actor successfully extorting $210,000 from one of its victims, a new report by security firm Sophos notes.
A Russian group that was behind the massive SolarWinds supply chain attack has returned with a fresh phishing campaign, according to Microsoft. This new campaign compromised a marketing firm used by the U.S. Agency for International Development - USAID - to send malicious messages to thousands.
Scammers are increasingly using Windows Push Notifications to impersonate legitimate alerts as a first step toward installing malicious Windows applications to harvest user and system information, according to a global report by McAfee.
Microsoft is warning about a spam campaign that uses an updated variant of Java-based StrRAT malware that steals confidential data while disguising itself as a ransomware infection even though it does not actually encrypt data.
"They’re playing games," is how one security expert describes Conti ransomware-wielding attackers' "gift" of a decryptor to Ireland's crypto-locked health service, while still demanding a ransom to not leak stolen health data. The same could be said of the DarkSide gang's promised retirement.