Emotions about the global pandemic are running high, and attackers are taking advantage. Researchers have observed criminals spreading malware by impersonating official sources, distributing malicious COVID-19 maps and trackers, and malvertising on coronavirus-related news stories.
As security professionals, we...
The FBI this week seized the domain of Deer.io, which federal authorities describe as a clearinghouse for stolen data and cybercriminal services operating from Russia. The alleged administrator of the now-shuttered site has been arrested and charged.
Identity risk management. It's more important
than ever. Traditional businesses are taking their
operations fully digital, and newer all-digital
businesses are growing. Both groups need to
onboard new users to their services remotely.
But they also need to monitor the risks to their
platform as their user base...
Payment card data stolen last year when hackers compromised online stores that were using the Volusion checkout platform is now surfacing on dark web sites and forums, according to Gemini Advisory.
Account Takeover is now a ubiquitous term, and ATO prevention has become a high priority for cybersecurity leaders. But most of the effort is put toward thwarting high-volume, automated credential stuffing. Less understood are "targeted ATO attacks." Highly effective and difficult to detect, they cause huge damage to...
A former acting inspector general of the Department of Homeland Security and another official have been indicted for allegedly stealing DHS proprietary software and databases and then attempting to resell the technology back to the government.
Twitter says it has fixed an API problem that would have allowed someone to match phone numbers en masse to corresponding accounts, which could potentially unmask anonymous users. The flaw could have been found and exploited by state-sponsored actors, the social media firm warns.
A former moderator for the now-defunct AlphaBay darknet marketplace site pleaded guilty this week to a federal racketeering charge and could face up to 20 years in prison.
For close to three years, a technology executive was hounded by a persistent attacker who stole his identity, opened credit cards in his name, and wired funds from his bank account. Though SpyCloud helped bring this particular criminal to justice, these tactics are common in targeted attacks.
If your account...
A federal judge in Atlanta has given final approval to a settlement that resolves a class action lawsuit against credit bureau Equifax, which in 2017 suffered one of the largest data breaches in history. The minimum cost to Equifax will be $1.38 billion.
Credential stuffing is a growing problem that's difficult to address, says Troy Hunt, creator of the Have I Been Pwned data breach notification service, who sizes up mitigation efforts.
For two years, an attack group using Ukraine-based infrastructure has been creating hundreds of lookalike domains to target customers of 14 different Canadian banks via phishing attacks, security researchers at Check Point warn.
An alleged member of The Dark Overlord hacking group who apparently made dumbfounding operational security mistakes while trying to extort U.S. companies has pleaded not guilty. Nathan Wyatt is perhaps the only person associated with the notorious hacking group who left a clear digital trail.
The notorious Joker's Stash carder marketplace has recently listed for sale 460,000 records, including four "Turkey-Mix" batches that feature never-before-seen payment card data that traces to Turkey's 10 largest banks, says cybersecurity firm Group-IB.
One of the largest fines to date for violating the EU's General Data Protection Regulation has been announced by Germany's federal privacy and data protection watchdog, the BfDI, against 1 & 1 Telecommunications, in part for inadequate authentication mechanisms. The company plans to appeal.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.