The calculus facing cybercrime practitioners is simple: Can they stay out of jail long enough to enjoy their ill-gotten gains? A push by the U.S. government and allies aims to blunt the ongoing ransomware scourge. But will practitioners quit the cybercrime life?
As ransomware attacks continue to dominate headlines, Quentyn Taylor, a Canon director of information security, cautions organizations not to forget about "some of the other threats, like business email compromise," which continue to cripple organizations through financial and reputational damage.
Massachusetts-based UMass Memorial Health is the latest large healthcare network to report an email phishing incident that potentially compromised hundreds of thousands of individuals' protected health information. The unauthorized email access lasted about seven months.
As the global pandemic enters its second year, IT and infosec teams continue to face challenges on all sides. On top of “ordinary” cybersecurity issues, they’re dealing with an explosion of pandemic-themed phishing scams and a surge in ransomware attacks. How well prepared are users?
CoinMarketCap says it has found no evidence of a data beach despite the circulation of a list of 3.1 million email addresses that correlates with accounts on its service. Regardless of the source, the list would be useful for attackers to launch phishing attacks against those interested in cryptocurrency.
The U.S. Attorney's Office for the Eastern District of Virginia last week indicted three men - including an ex-employee of Bank of America and TD Bank - with money laundering and aggravated identity theft after the men allegedly conducted an extensive business email compromise scheme.
Some 14,000 Google users were warned of being suspected targets of Russian government-backed threat actors on Thursday. The next day, the tech giant announced cybersecurity updates - particularly for email accounts of high-profile users, including politicians and journalists.
Yes, you know they are coming. And yes, the fraudsters have raised their game. But that doesn't mean you can't stop socially engineered attacks before threat actors can pull off their scams. Mike Britton of Abnormal Security tells you how.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why enterprises need a multilayered approach to securing identity, how fraud will evolve in 2022 and the need to secure backdoors to prevent ransomware attacks.
Two proposed class action lawsuits filed this week in a California federal court allege negligence and a variety of other claims against UC San Diego Health in the wake of a phishing incident that affected nearly 496,000 individuals.
Chinese security researcher Pan Xiaopan has discovered a malware targeting Mac users. The malware, spread via a paid advertisement on search engine Baidu, is intended to harvest user credentials, he says. The advertisement has now been taken down.
As the risks to IT and OT converge, organizations must use "zero trust" to verify user identities and build effective monitoring capabilities to track the behavior of privileged users, say Kartik Shahani of Tenable and Rohan Vaidya of CyberArk.
The COVID-19 crisis has posed an unparalleled challenge for cybersecurity. Like COVID-19, cyberattacks spread fast and far - creating more and more damage. But the pandemic has also had a positive impact on the cybersecurity function, which Tarun Kumar, CISO at Nissan, describes here.
Microsoft Security on Tuesday issued a detailed report on a massive phishing-as-a-service operation named BulletProofLink that offered as a subscription all the tools needed to conduct a campaign. The gang remains operational.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.