Cybercriminals continue to rely on proven attack methods while developing new ways to infiltrate digital environments and break through your human defense layer.
But how can you reduce your organization’s attack surface? We looked at 12.5 million users across 35,681 organizations to find out.
In this webinar...
Now that the long-awaited FedNow faster-payment program is operating, experts debate whether U.S. financial institutions will embrace the payment ecosystem and whether the Federal Reserve and the banking industry can overcome implementation challenges and mitigate cybersecurity and fraud issues.
Unknown hackers attacked a dozen Norwegian government ministries through a zero day vulnerability present in a shared digital platform, the Oslo government disclosed Monday. The prime minister's office and the ministries of defense, justice and foreign affairs were unaffected.
A U.S. couple is set to file a plea deal for their role in laundering $4.5 billion in cryptocurrency from the Bitfinex virtual currency exchange in 2016. Federal prosecutors say they moved crypto to hide their tracks, withdrew it from ATMs and used gift cards to spend the money.
A Florida hospital is notifying 1.2 million patients that their information was stolen by hackers in a cybersecurity incident that spanned for nearly three weeks in May as attackers tried to encrypt the entity's systems with ransomware. The hospital repelled the attack but couldn't stop the breach.
The count of organizations affected by the Clop ransomware group's attack on MOVEit file-transfer software users continues to grow, now numbering over 400 organizations that were directly or indirectly impacted. More than 20 million individuals' personal details were stolen in the attacks.
This week, the U.S. ambassador to China was the latest Chinese hack victim, Linux malware infected 70,000 routers, Norway banned Meta ads, the MOVEit breach affected 1.2 million more customers, a Russian medical lab suffered a ransomware attack, and Estée Lauder shut down systems after a breach.
Security researchers say the Chinese state-sponsored espionage group APT41 is using WyrmSpy and DragonEgg surveillance malware to target Android mobile devices. APT41 recently switched tactics to develop malware specific to the Android operating system.
Days after attributing the recent breach in its customer environment, enterprise software company JumpCloud on Thursday confirmed the involvement of a North Korean nation-state actor who appears to be financially motivated to steal cryptocurrency.
Cybercriminals are leveraging Google's paid advertisement service to push malicious sites on top search results in order to trick victims into downloading info stealers and backdoors. Researchers suspect it could be a workaround for the changes Microsoft made to protect against malicious macros.
Adobe released a fresh out-of-band security update to patch an improperly fixed ColdFusion zero-day vulnerability being actively exploited in the wild that allows attackers to bypass security controls. The update includes fixes for two other critical vulnerabilities.
Between July 14 and 20, senators introduced a bill to address DeFi risk, Nasdaq held back crypto custody plans, DeFi hackers laundered lesser amounts of stolen funds in the first half of this year than in H1 2022, and an Australian bank blocked payments to high-risk crypto exchanges.
While self-proclaimed Russian hacktivist groups such as KillNet, Tesla Botnet and Anonymous Russia claim they're wreaking havoc on anti-Moscow targets, a fresh analysis of their attacks finds that despite rampant self-promotion, their real-world cybersecurity impact is typically negligible.
Top U.S. and Australian cybersecurity agencies strongly urged users to patch a critical zero-day flaw in Citrix ADC and Gateway appliances being exploited by unnamed threat actors in the wild. The bug, which is tracked as CVE-2023-3519, gives unauthenticated attackers RCE privileges.
Many critical infrastructure sector organizations, especially smaller entities, will likely struggle to comply with an upcoming requirement to report cyber incidents to federal regulators within 72 hours - due to an assortment of reasons, said Stanley Mierzwa of Kean University.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.