Five billion unique user credentials are circulating on darknet forums, with cybercriminals offering to sell access to bank accounts as well as domain administrator access to corporate networks, according to the security firm Digital Shadows.
A recently uncovered phishing campaign is using spoofed Zoom account alerts to steal Microsoft Office 365 credentials, according to a report from Abnormal Security. These attacks come as use of the platform soars due to work-from-home arrangements.
Check Point Research reports that a new version of the Joker mobile malware that infects Android devices has emerged. The malware, hidden in apps in the Google Play store, has once again evaded Google's security tools.
U.S. prosecutors this week unsealed an indictment against the alleged hacker "Fxmsp" after his identity was revealed in a cybersecurity firm's report. That sequence of events has raised questions about information sharing and highlighted law enforcement's reliance on private cybersecurity researchers.
A little-known advanced persistent threat group dubbed Evilnum has been targeting fintech firms in the U.K. and Europe over the past two years, using spear-phishing emails and social engineering to start their attacks, according to the security firm ESET.
As we begin the second half of 2020, organizations must find ways to ensure their customers can engage with services at any time, from any device, securely. Enter: Customer identity and access management. In a preview of an upcoming roundtable, Okta's Keith Casey discusses CIAM maturity.
The U.S. Justice Department has charged Kazakhstan national Andrey Turchin with being the hacker known as "Fxmsp," as well as running a hacking collective known by the same name that's been tied to 300 attacks worldwide, including against anti-virus vendors.
Joni Brennan, president of the Digital ID & Authentication Council of Canada (DIACC), says identity management is a core component to building a solid foundation for a socioeconomic safety net, particularly during a pandemic. However, engagement and education are also vital components to establishing a strong...
With so many employees working from home during the COVID-19 pandemic, vendors of time-tracking and productivity-monitoring software report surging interest in their wares. Regardless of whether organizations deploy light-touch or more Big Brother types of approaches, beware potential privacy repercussions.
The developers behind the Purple Fox fileless downloader malware recently upgraded their operation and are now targeting two new vulnerabilities to gain access to networks, according to a report by security firm Proofpoint.
Ransomware-wielding attackers continue to pummel organizations. But labeling these as being just ransomware attacks often misses how much these incidents involve serious network intrusions, exfiltration of extensive amounts of data, data leaks and, as a result, reportable data breaches.
Roger Sels of BlackBerry assesses cybersecurity risk and sees two forms of chaos - cyber and endpoint. He also sees enterprises trying to defend automated attacks at human speed, which makes him ask: Isn't it time we rebooted our approach to cybersecurity risk prevention?