Twitter says attackers who hijacked more than 130 high-profile Twitter accounts used social engineering to bypass its defenses, including two-factor authentication on accounts. Experts say companies must have defenses in place against such schemes, which have long been employed by fraudsters.
A group of spoofed cryptocurrency trading apps is targeting devices running macOS to install malware called Gmera, security firm ESET reports. The malware can steal users' data as well as their cryptocurrency wallets.
An Iranian-backed hacking group appears to have accidentally left over 40 GB of training videos and other material exposed online, according to researchers at IBM, who found the unprotected server. The material includes videos describing attacks aimed at U.S. Navy and State Department personnel.
Criminals are continuing to capitalize on the new opportunities being created by the ongoing COVID-19 pandemic to hone their phishing, scams, ransomware and other schemes, says Craig Jones, who leads the global cybercrime program for INTERPOL.
The operators behind a family of Brazilian banking Trojans are expanding their operations to other parts of Latin America as well as North America and Europe, according to Kaspersky. Some of these malware variants have been re-engineered to better avoid security tools.
The latest edition of the ISMG Security Report analyzes the latest developments in banning Huawei technology from 5G networks. Also featured are discussions of how to respond better to cybercrime and whether we're on the cusp of a digital currency revolution.
While the Wednesday hijacking of several high-profile and verified Twitter accounts appears to have been confined to a cryptocurrency scam, security experts are warning that the platform's security failures could lead to bigger attacks down the road.
A malicious app called Welcome Chat has been spotted targeting Android users in Middle Eastern countries - where chat apps are illegal, according to new report by security firm ESET.
It's common for security researchers to be ignored when reporting a software vulnerability. The latest example - vulnerabilities found by Independent Security Evaluators in a router made by China-based Tenda.
A Russian national has been found guilty of hacking LinkedIn, Dropbox and the now defunct Formspring to steal millions of user credentials, some of which were later sold on underground markets.
How do you proactively manage policy changes, protect devices and stop new threats? You need a radically new approach to network security that can scale faster than manual approaches.
To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.
The U.S. Secret Service is combining its electronic and financial crime units into a single task force that will focus on investigating cyber-related financial crimes, such as BEC schemes and ransomware attacks. The move comes as lawmakers push for the Secret Service to take a more active role in fighting cybercrime.
Five billion unique user credentials are circulating on darknet forums, with cybercriminals offering to sell access to bank accounts as well as domain administrator access to corporate networks, according to the security firm Digital Shadows.
Finding the right tools to analyze evidence for fraud investigations is challenging, says Paula Januszkiewicz, CEO of CQURE, a provider of specialized services in IT infrastructure. She'll be a featured speaker at the RSA APJ virtual conference to be held July 15-17.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
