A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.
In the age of COVID-19 - when staying as close to home as possible and trying to avoid touching anything in public that might spread coronavirus is the new normal - cash is out, and "contactless" payments are in, if you're lucky enough to be able to use them.
Alongside the sad and vast expense of legitimate claims, it is an unfortunate fact that in times of economic hardship, people have a history of taking any opportunity to exploit financial institutions for ill-gotten gain.
As global enterprises get their arms around supporting and securing a near-total remote workforce, their digital adversaries are adapting - and so is the role of deception technology. Carolyn Crandall of Attivo Networks discusses how deception can help mitigate new risks.
A recently uncovered spear-phishing campaign is using fears of the COVID-19 pandemic to spread an information stealer called LokiBot. FortiGuard Labs researchers find that cybercriminals are once again using World Health Organization images as a lure.
The latest edition of the ISMG Security Report offers an analysis of the phases businesses will go through in the recovery from the COVID-19 pandemic, plus an assessment of new risks resulting from the work-at-home shift and lessons learned from the Equifax breach.
The latest edition of the ISMG Security Report analyzes how cybercriminals are exploiting the COVID-19 pandemic. Also featured: A discussion of potential 2020 election changes; tips for staying secure in a remote workplace.
Federal government agencies certainly are not immune from phishing scams, and Aaron Higbee of Cofense is focused on tackling the unique challenges that government faces in detecting and stopping the crimes.
Wall Street has been hit by the twin threats of the new coronavirus as well as oil prices plummeting, with the Dow dropping 2,000 points on Monday for its worst day in 12 years. Amidst fears that a recession could tank the global economy, some experts still see upsides for the cybersecurity sector.
Emotet malware alert: The U.S. Cybersecurity and Infrastructure Security Agency says it's been "tracking a spike" in targeted Emotet malware attacks. It urges all organizations to immediately put in place defenses to not just avoid infection, but also detect lateral movement in their networks by hackers.
The cybersecurity outlook for 2020 and the new decade will be characterized by more advanced, targeted and coordinated attack vectors designed to exploit the cybersecurity skills shortage, along with congenitally poor security fundamentals and hygiene.
For two years, an attack group using Ukraine-based infrastructure has been creating hundreds of lookalike domains to target customers of 14 different Canadian banks via phishing attacks, security researchers at Check Point warn.
Google has directly warned more than 12,000 users across 149 countries that they have been targeted by government-backed hackers. Google says the attack attempts occurred in the third quarter of this year and targeted users of such services as Gmail, Drive and YouTube.
Mobile technology allows customers complete control over their banking security via their smartphones, however recent fraud cases have seen criminals virtually hijacking mobile phones to intercept alerts and texts.