Mobile-only banking app Dave has suffered a data breach that exposed personal details for at least 3 million users. But the fintech startup says no account information was exposed, and there are no signs of fraud. Dave says the incident traces to credentials stolen from Waydev, a third-party service provider.
Lazarus Group, a sophisticated hacking group associated with the North Korean government, is using a new malware framework to spread ransomware and steal databases from victims, according to security firm Kaspersky.
Garmin has not yet announced what caused an outage of its Garmin Connect fitness tracking service as well as its website. But some employees reportedly are attributing the outage to ransomware.
Money launderers are devising new tactics during the COVID-19 pandemic. For example, some are coming up with ways to use personal protective equipment, or PPE, as a form of currency, says Debra Geister, CEO of Section 2 Financial Intelligence Solutions.
The U.S. State Department is offering rewards of up to $1 million for information that could lead to the arrest and conviction of two Ukrainian nationals who allegedly hacked the Security and Exchange Commission's EDGAR system server in 2016.
A previously undetected botnet called "Prometei" is targeting vulnerable Microsoft Windows devices by brute-forcing SMB vulnerabilities to mine monero cryptocurrency, according to Cisco Talos.
The "zero trust" model can play a critical role in mitigating emerging threats. That's why Information Security Media Group will host on July 27 a virtual cybersecurity summit for India on applying the model.
The latest edition of the ISMG Security Report analyzes the hacking of high-profile Twitter accounts. Also featured: Addressing security when offices reopen; the role of personal protective equipment, or PPE, in money laundering during the pandemic.
A Dutch lawmaker's Twitter account is among 36 that had some personal data compromised earlier this month when hackers targeted 130 verified accounts and launched a cryptocurrency scam. The politician told Reuters his direct messages were accessed.
A fresh round of phishing attacks is relying on using trusted services and a well-designed social engineering scheme to trick users into enabling malware to bypass an end point's security protocols, says Aaron Higbee of the security firm Cofense.
The Emotet botnet, which recently surged back to life after a months-long hiatus, is now delivering the Qbot banking Trojan to victims' devices, security researchers say. So far, they've identified about 800,000 malicious emails attempting to spread the botnet.
A 21-year-old Cypriot man, who is accused of hacking into websites and stealing personal data to extort his victims, has been extradited to the U.S. to face charges of wire fraud and computer hacking.
The business disruptions caused by the COVID-19 pandemic will lead to better cybersecurity practices over the long haul, says Sudip Banerjee of Zscaler.
Twitter says attackers who hijacked more than 130 high-profile Twitter accounts used social engineering to bypass its defenses, including two-factor authentication on accounts. Experts say companies must have defenses in place against such schemes, which have long been employed by fraudsters.
A group of spoofed cryptocurrency trading apps is targeting devices running macOS to install malware called Gmera, security firm ESET reports. The malware can steal users' data as well as their cryptocurrency wallets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.