For close to three years, a technology executive was hounded by a persistent attacker who stole his identity, opened credit cards in his name, and wired funds from his bank account. Though SpyCloud helped bring this particular criminal to justice, these tactics are common in targeted attacks.
If your account...
Attackers are hitting unpatched Pulse Secure VPN servers with Sodinokibi - aka REvil - ransomware, British security researcher Kevin Beaumont warns. Pulse Secure says that although many organizations have installed the critical April 2019 patch, holdouts persist.
Spear phishing emails remain the most popular attack avenue for the bad guys, yet most companies still don't have an effective strategy to stop them. This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. Don't get caught in a phishing net! Learn how to avoid...
Ransomware: It's the cybercrime "gift" that won't stop taking. What can organizations do to improve prevention, detection and response in 2020? Ex-FBI leader MK Palmore of Palo Alto Networks shares his insights.
While run-of-the-mill ransomware attacks continue, some crypto-locking malware gangs are bringing more advanced hacking skills to bear against targets, seeking the maximum possible payout, says cybersecurity expert Jake Williams of Rendition Infosec, who dubs the trend "ransomware 2.0."
The latest edition of the ISMG Security Report discusses the recent ransomware attacks on the city of New Orleans as well as other units of local government and schools. Also featured: discussion on security issues for IoT and legacy medical devices.
The gang behind Maze ransomware has begun publicly identifying its victims and listing data that it exfiltrated from systems before leaving them crypto-locked. The intent is clear: By naming and shaming victims, the Maze gang is trying to compel them to pay.
New research finds that hackers linked to the North Korean government are now renting the botnet created by TrickBot malware, as well as access to a highly customized malicious framework, to help further their goals - including targeting payment systems.
The notorious Joker's Stash carder marketplace has recently listed for sale 460,000 records, including four "Turkey-Mix" batches that feature never-before-seen payment card data that traces to Turkey's 10 largest banks, says cybersecurity firm Group-IB.
Two Russian men have been charged with stealing more than $100 million from banks around the world using the notorious Dridex malware, according to an unsealed U.S. indictment that caps off a decade-long investigation led by American and British law enforcement agencies.
The U.K. Labour Party says its systems were hit by a large-scale online attack that disrupted access to some campaigning systems, but led to no breach. The attack report comes amidst the Conservative government's refusal to release a report into alleged Russian interference in the Brexit referendum.
Bala Kumar of iovation, a TransUnion company, sees a marked spike in identity fraud in general, and at account origination in particular. How does this increase manifest across industry sectors, and how should organizations re-think their defenses?
Only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But even when they are enabled and your domain is more secure, 81% of phishing attacks still continue to sail right through to the end-user.
In this webinar, Roger Grimes,...
The Sophos 2020 Threat Report is out, and among the key findings: Ransomware attackers continue to leverage automated active attacks that can evade security controls and disable backups to do maximum damage in minimal time. John Shier of Sophos analyzes the trends that are most likely to shape the 2020 cybersecurity...
For Russian-speaking hackers, ransomware used to be taboo. But GandCrab killed all such ethical qualms, democratizing ransomware-as-a-service, paving the way for new profit-sharing schemes such as Sodinokibi and driving a new generation of attackers to master advanced hacking skills, a new report finds.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
