Cryptojackers and eavesdroppers are continuing to exploit a one-time zero-day flaw in unpatched MikroTik routers, despite a patch that's been available for six months as well as the actions of a vigilante "gray hat" hacker who's forcibly "fixed" 100,000 vulnerable routers.
Facebook is eyeing spammers as being the culprits behind its recently disclosed mega-breach, The Wall Street Journal reports. Preliminary findings from Facebook's internal investigation suggest that the attackers were not affiliated with a nation-state, but rather part of a known spam ring, the newspaper reports.
An analysis of attacks against cryptocurrency exchanges over nearly two years shows hackers have inflicted $882 million in damages, according to the Russian security firm Group-IB. The tally of losses is likely to grow next year, the company warns.
Federal regulators have smacked health insurer Anthem with a record $16 million HIPAA settlement in the wake of a cyberattack revealed in 2015, which impacted nearly 79 million individuals. What missteps does the settlement highlight?
A batch of U.S. voter registration records from 20 states has appeared for sale online in what appears to be an illegitimate offering. While it's far from the largest-ever seen leak of voter data, the incident again highlights the lax controls too often applied to voter records.
The U.K.'s National Cyber Security Center incident response teams have investigated more than 1,000 significant incidents in the past two years, the majority of which trace to nation-state attackers, officials say.
Banks are working harder than ever to address the threats posed by money launderers, fraudsters and cyber attackers. Often, these three groups are one and the same.
Wouldn't it make sense for the teams in your bank facing these threats to work together more closely? We think the answer lies in an intelligence-led...
How Susceptible are Users to Active Threats?
With phishing still the #1 entry point for cyber-attacks, your defenses need to focus on the most pressing threats: active phishing campaigns that are probing your healthcare organization.
This report breaks down the Top 10 threats, with metrics showing how well users...
The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S. weapon systems.
Facebook now says that 20 million fewer accounts were breached than it originally believed, but the attackers accessed extensive sensitive personal information on nearly half of those affected.
Cryptojacking - the hidden mining of virtual currencies - continues to be a focus for online attackers. As the detection of cryptocurrency mining malware continues to rise, Europol warns that cryptojacking will remain "a regular, low-risk revenue stream for cybercriminals."
Malware continues to increase in sophistication and routinely evades organizations' cyber defenses. It lurks inside networks waiting to execute attacks that can cause significant damage. Automated Static Analysis of binary files enables security teams to unlock an array of new threat intelligence, hunting, analysis,...
A decade ago sandboxing (dynamic analysis) was introduced as the first automated way to understand the actions of potential malware. Now widely deployed, it offers real value in understanding and identifying unknown malware.
However, there are limitations; it is unable to keep up with the large volume of malware...
The lack of visibility into and understanding of the millions of objects that move into an organization's network means threat hunters cannot adequately identify undetected malware they are hunting for.
Local Threat Intelligence combined with advanced malware hunting tools gives threat hunters a precise way to hunt...
The notorious GandCrab ransomware-as-a-service gang has released the latest version of its crypto-locking malware, backed by crypter service and exploit toolkit partnerships. But the gang's marketing savvy belies shoddy code-development practices, security firm McAfee finds.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
