Microsoft security researchers say they're tracking a hacking group originating in North Korea that may be a side project of an established threat actor. So far the group, which prefers the name "H0lyGh0st," appears not to have collected any ransom.
Synthetic identity fraud can take eight to 12 months before resulting in mass fraud, meaning banks must leverage that opening to reauthenticate customers, says, Greg Woolf, founder and CEO of FiVerity. Synthetic IDs are often hard to detect, but "over a period of time, there are telltale signs."
Four ISMG editors discuss important cybersecurity issues, including lessons learned from the cyberattack on a steelmaker in Iran that caused a serious fire, how the economic crisis in Sri Lanka is affecting cybersecurity and what the rising cost of cyber insurance means for the industry.
Ransomware attacks and data breaches: One thing both have in common is the challenge of attempting to accurately understand their true scale and impact. Too often, data breach notifications lack useful details, while ransomware attacks and ransom payments go unreported.
A little more than halfway into the year, hacking incidents, and especially ransomware incidents, as well as breaches involving business associates, are dominating the hundreds of major health data breaches affecting millions of individuals being reported to federal regulators.
Attackers used a phishing campaign to direct unwitting Microsoft business email customers into supplying logon credentials to a proxy server. Attackers stole online session cookies, allowing them to defeat MFA and access inboxes. From there, they emailed corporate vendors to obtain financial data.
Threat actors carried out smishing attacks on nearly 10,000 Australian students enrolled at Deakin University and downloaded PII of about 47,000 students. Hackers compromised an employee's credentials to access the university's third-party SMS solutions provider to execute the attack.
The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise. It also discusses today's cyberthreat landscape and whether organizations should rely on user training to improve security.
Seeking maximum profits, ransomware groups continually refine the tactics they use to bypass defenses, infect victims and pressure them into paying. Unfortunately, a reported increase in ransomware attacks and ransom amounts getting paid to criminals suggests these efforts largely remain successful.
Thieves behind a phishing campaign targeting investors into a cryptocurrency exchange got away with at least $8 million. The attack took advantage of human credibility, not a cybersecurity exploit in the Uniswap protocol, experts say. The stolen funds are being laundered in a cryptocurrency mixer.
The role of cyberattacks in Russia's war against Ukraine continues to evolve as the conflict persists, but one notable takeaway so far is the precision of the military's online attacks, which is likely an attempt to avoid spillover that would anger NATO, says Ian Thornton-Trump, CISO of Cyjax.
Lithuanian state energy company Ignitis Group was the victim of a distributed denial-of-service attack; a pro-Russian hacker group claimed responsibility. The Baltic nation is a supply chain chokepoint for Kaliningrad. Last month, it began enforcing EU sanctions on the Russian exclave.
Newly spotted ransomware dubbed HavanaCrypt by TrendMicro masquerades as the Google Software Update. For all its sophistication, it fails to drop a ransom note, leading researchers to speculate that it is still in development. Detect and block it before it causes more damage, the company warns.
Indian Home Affairs Minister Amit Shah called for stricter action against cybercriminals, vowing that the central and state governments will collaborate on a strategy to tamp down financial fraud. Crime statistics collected by New Delhi show reported cybercrimes nearly doubling from 2018 to 2020.
The Predatory Sparrow hacking group recently claimed to have triggered fires in multiple state-run Iranian steel foundries via hack attacks. Clearly, industrial cybersecurity remains essential. But are the attacks a sign of much more to come or more of a politically motivated proof of concept?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.