Assets worth $4 million have been seized by authorities in Singapore from the former CEO of Phantom Secure, a now-defunct encrypted telecommunications services provider that offered services to transnational organized criminal syndicates, according to the U.S. Justice Department.
Researchers at the security firm Avast have found 28 malicious third-party browser extensions used with Google Chrome and Microsoft Edge that have been downloaded about 3 million times. These extensions are capable of spreading malware, stealing information and altering search engine results.
The latest edition of the ISMG Security Report features an analysis of what we know so far about the impact of the SolarWinds supply chain hack and how to respond.
Brand impersonation - it isn't just a marketing or reputational issue. It's an InfoSec problem, says Shashi Prakash, CTO and co-founder of Bolster. He describes the growing problem and why security is best positioned to lead detection and response.
IBM Trusteer reports that a hacking group is using mobile emulators to spoof banking customers' mobile devices and steal millions of dollars from banks in the U.S. and Europe.
Intel and Cisco are among the thousands of SolarWinds Orion customers that were running a Trojanized version of the security software. FireEye, together with Microsoft and GoDaddy, have devised a "kill switch" to disrupt attackers' ability to access the malware on at least some infected systems.
A previously documented cryptomining worm dubbed Gitpaste-12 has returned with a wide-ranging series of attacks targeting web applications and IoT devices that exploit at least 31 vulnerabilities, according to Juniper Threat Labs.
An updated version of the AgentTesla information-stealing malware now boasts additional data harvesting capabilities, including the ability to target more web browsers and email clients, according to Cofense. The malware has become popular with fraudsters and BEC gangs.
A mighty effort is underway to figure out which organizations may have been deeply infiltrated by a suspected Russian hacking group following the SolarWinds hack. The hunt is difficult for many reasons, some experts say, and may never result in definitive answers about whether data was stolen.
Several recent ransomware attacks, including those involving Ryuk and Egregor, have used a commodity malware variant called SystemBC as a backdoor, according to Sophos.
Secure Code Warrior's Director of the Americas, Stephen Allor, hosts a webinar with Russ Wolfe of Capital One, in which they discuss the cybersecurity landscape in the BFSI sector.
They reveal why financial institutions are the new innovators when it comes to rolling out new initiatives, tools and training in the...
It's not just that ransomware attacks are up in 2020; it's that attackers have evolved their tactics and techniques. And Deepen Desai of Zscaler says this means it's time for organizations to completely reimagine their ransomware defenses.
Point-of-sale device manufacturers Verifone and Ingenico have released fixes for flaws in some of their devices after researchers found the vulnerabilities could have enabled attackers to steal payment card data, clone cards or install malware.
Following the discovery that attackers Trojanized SolarWinds' Orion software, expect the list of organizations that were running the backdoored network-monitoring tool to keep increasing. But with this being a suspected cyberespionage operation, attackers likely focused on only the juiciest targets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.