Recent hacking incidents, including one targeting Twitter, are raising awareness of the importance of privileged access management, says David Boda, group head of information security for Camelot Group, operator of the U.K. National Lottery. He describes PAM best practices.
So-called "cybersquatting" attacks are surging, with financial and e-commerce websites - including those of PayPal, Royal Bank of Canada, Bank of America and Amazon - among the most frequent targets, according to Palo Alto Networks' Unit 42.
A recently uncovered malicious email campaign is delivering to businesses multiple types of malware, including a Trojan designed to steal banking credentials and other financial information, according to a research report from Cisco Talos.
Twitter is investigating the hacking of an account associated with Indian Prime Minister Narendra Modi for an apparent cryptocurrency scam, according to news reports. The incident appears similar to a July Twitter hack that hit well-known targets in the U.S. and Europe.
Evilnum, a hacking group that targets fintech firms mainly in the U.K. and Europe, is deploying a new remote access Trojan, according to Cybereason. The group is targeting "know your customer" procedures to start these attacks.
Facebook says the Russian troll group that interfered in the 2016 U.S. election is at it again, using sham accounts and a fake news site to spread disinformation in advance of the November election. Facebook says it took down the accounts involved.
A global phishing campaign that purports to offer information about surgical masks and other personal protective equipment for use during the COVID-19 pandemic is infecting victims' devices with the AgentTesla remote access Trojan, according to researchers at Area 1 Security.
"Charming Kitten," a hacking group with ties to Iran, is now using LinkedIn and WhatsApp messages to contact potential victims and persuade them to visit a phishing page, according to ClearSky. The threat actors initially posed as journalists looking to contact sources.
A Ghana resident has been extradited to the U.S. to face charges of targeting a Memphis-based real estate company in a sophisticated BEC scam and participating in other criminal schemes, according to the Justice Department.
U.S. agencies have issued a warning about increases in bank heists worldwide spearheaded by a hacking group called "BeagleBoyz," a subset of the Lazarus Group, which has ties to the North Korean government.
The Lazarus Group, which has ties to the North Korean government, recently targeted an employee of a cryptocurrency exchange with a fake job offer in order to plant malware and steal virtual currency, according to F-Secure.
Endpoint devices have multiplied exponentially across the enterprise landscape in 2020 - and so have endpoint security challenges. Following a recent virtual roundtable discussion of the topic, Kaspersky's Dipesh Kaura weighs in on how to improve endpoint detection and response.
FINRA, a private organization that helps self-regulate brokerage firms and exchange markets, is warning that fraudsters have recently started creating spoofed websites and domains using members' real names and images in an attempt to steal personal information and credentials.
Scammers have reportedly been putting one over on customers of the famous Ritz London, which says it is "aware of a potential data breach within our food and beverage reservation system, which may have compromised some of our clients' personal data." No payment card data was exposed, it says.