Newly discovered microarchitectural data sampling flaws in Intel processors - collectively dubbed "ZombieLoad" - could be exploited to steal private data from PCs and servers, including shared cloud environments. Intel, Microsoft, Apple and others have begun to ship patches designed to help mitigate the problems.
Fast Retailing, the parent company of several of Japan's biggest retail clothing chains, is warning customers of an attack that exposed email addresses and partial credit card information of more than 460,000 of the company's customers. The attackers apparently used credential stuffing techniques.
ScarCruft, a Korean-speaking APT group that has been targeting organizations mainly in Southeast Asia over the past three years, is developing new malware that targets Bluetooth-enabled devices, according to Kaspersky Lab.
Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.
A growing area of concern for security researchers is a new crop of business email compromise schemes originating from Nigeria, with scammers upping their game by using new malware. The biggest of the crime gangs is SilverTerrier, according to Palo Alto Network's Unit 42.
Nine men have been charged in connection with an alleged SIM card swapping scheme that led to the theft of $2.4 million in cryptocurrency, the U.S. Justice Department says. The scheme allegedly involved the bribing of employees of Verizon and AT&T.
Security practitioners are warning enterprises using MongoDB to ensure proper authentication mechanisms are in place after a researcher discovered a MongoDB database containing information on 275 million Indians was exposed on the internet for at least two weeks and then it was apparently taken over by hackers.
The FBI and the Department of Homeland Security have issued a joint warning about new malware called "Electricfish." Investigators suspect it was developed by the advanced persistent threat group Hidden Cobra, which has been linked to North Korea.
Two Chinese men have been indicted on charges related to the breach of health insurer Anthem, which saw the personal information of 78.8 million individuals stolen, as well as attacks against three other large U.S. companies.
The latest edition of the ISMG Security Report analyzes the FBI takedown of DeepDotWeb, a dark net portal. Also featured are discussions on healthcare app security and the repercussions of poor coding security.
A new skimmer attack that has injected malicious JavaScript into the payment sections of 105 ecommerce websites is stealing credit card and other customer data, security researchers warn. The news comes after another recent report of similar attacks against online campus stores.
The "Fxmsp" hacker collective has been advertising source code that it claims to have stolen from three top U.S. anti-virus software development firms, as well as remote access to the companies' neworks, warns fraud-prevention firm Advanced Intelligence.
Accounting software giant Wolters Kluwer is continuing to attempt to recover from a malware attack that has disrupted access to its cloud-based tax and accountancy software, which the company says is used by most major U.S. accounting firms and global banks. Some users say they've been left unable to do their jobs.
Hackers stole 7,000 bitcoins, valued at about $41 million, from Binance, one of the world's largest cryptocurrency exchanges, the company confirmed Wednesday. The incident is the latest in a string of thefts from cryptocurrency exchanges around the world.
The DeepDotWeb portal, which provided a guide to darknet marketplaces, has been shut down and its alleged administrators arrested. Police say the suspected lead administrator, an Israeli based in Brazil who has been arrested at a Paris airport, amassed bitcoins for referral fees worth millions of dollars.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.