The FBI has arrested another alleged member of the FIN7 cybercrime gang, which has been stealing millions of payment cards and other financial data since at least September 2015. It's the fourth arrest of those tied to the group.
Two years after it was last seen in February 2018, ZLoader banking malware has resurfaced, with cybercriminals wielding a new version that gets distributed via email campaigns, security firm Proofpoint warns.
Some fraudsters waging phishing campaigns are using fake websites hosted on Google's Firebase Storage service in an attempt to harvest credentials, according to Trustwave, which notes the phishing emails contain links to the service to make them look more credible.
A recent phishing campaign bypassed multifactor authentication protections within Microsoft Office 365 to steal users' credentials stored in the cloud or launch other attacks, according to the security firm Cofense.
Fraudsters are now using numerous spoofed website templates with COVID-19 themes as part of phishing attacks designed to steal login credentials and banking data, according to Proofpoint.
Fraudsters are honing their phishing emails tied to the COVID-19 crisis, using fake messages about business continuity plans and new payment procedures to spread the LokiBot information stealer, Microsoft researchers report.
German prosecutors believe that an alleged Russian hacker who apparently is a member of an elite military unit is responsible for the 2015 cyberattack against Germany's parliament, according to a news report. Earlier, the suspect was charged in connection with U.S. 2016 election interference.
Enterprises have long used Virtual Private Networks to promote connectivity and security. But as the gatekeeper to internal resources, VPNs can be a target for attackers looking to gain access to sensitive data. It's essential organisations take steps to secure VPNs to protect against unauthorised access and data...
Organizations that have shifted to a remote workforce as a result of the COVID-19 pandemic should help in the battle against cybercrime by reporting all security incidents to law enforcement officials for investigation, says Brijesh Singh, inspector general of police, the government of Maharashtra.
Ransomware, phishing, extortion scams - they all are
using COVID-19 themes. But socially engineered attacks
were already on the rise before the pandemic, say Olesia
Klevchuk and Nishant Taneja of Barracuda, who share
insights on the evolution of cloud-based email defences.
Download this eBook to learn more...
A recently uncovered phishing campaign is spoofing notifications from Microsoft's Teams collaboration platform in order to harvest Office 365 credentials from employees working from home offices because of the COVID-19 pandemic, according to research from Abnormal Security.
A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.
Researchers are seeing a spike in opportunism by fraudsters and cybercriminals seeking to profit from the COVID-19 crisis. Underground online markets are offering a range of pandemic-related goods, from face masks to fraudulent vaccines.
The average ransom paid by victims to ransomware attackers reached $111,605 in the first quarter of this year, up 33% from the previous quarter, reports ransomware incident response firm Coveware, which sees the Sodinokibi, Ryuk and Phobos malware families continuing to dominate.
With most employees working at home during the COVID-19 pandemic, it's more important than ever for businesses to ensure that their third-party providers have adequate business continuity plans in place to ensure uninterrupted service, says Srilanka-based Sujit Christy, global CISO at John Keells Holdings.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.