The U.S. needs to devise ways to counter Chinese cyber activity - including the theft of intellectual property and cyberattacks on government networks and critical infrastructure - that poses a direct threat to national security, according to those who testified at a Senate hearing this week.
A seemingly nonstop number of ransomware-wielding attackers have been granting tell-all media interviews. One perhaps inadvertent takeaway from these interviews is the extent to which - surprise - so many criminals use lies in an attempt to compel more victims to pay a ransom.
The Biden administration is attempting to build an international consensus on how to react to China's aggressive cyber actions, which is one reason why it held off sanctioning the country over attacks on vulnerable Microsoft Exchange servers, says Anne Neuberger, deputy national security adviser for cyber.
PayPal plans to hire more than 100 cryptocurrency experts, including those with expertise in compliance and anti-money laundering, as the online payments service expands its digital money transferring service and adds a "super app" wallet.
A congressional report examining eight federal agencies found that seven continue to improperly protect sensitive data and do not meet basic cybersecurity standards.
Chinese APT groups compromised networks of telecom providers across Southeast Asia in an effort to harvest customers' sensitive communications, according to Cybereason. As in other Chinese cyberattacks, these APT campaigns exploited flaws in Microsoft Exchange servers.
Tom Kellermann calls it a new "Twilight Zone" - an era in which cybersecurity adversaries can unleash destructive attacks that manipulate time, data, audio and video. The cybersecurity strategist shares insights and analysis from his latest Global Incident Response Threat Report.
Ransomware actors have taken a page from the playbooks of tech support scammers of yore by guiding victims to download malware through persuasion over the phone. Microsoft says the technique is more dangerous than it first realized.
In a new phishing scam that leverages the PayPal brand, attackers are using automated scripts and live chat as a way of compromising devices and bypassing secure email gateways.
Cloud video conferencing provider Zoom has agreed to settle a consolidated class action federal lawsuit for $85 million as well as reform its security and data privacy practices.
A funny thing happened on the way to the nonstop ransomware payday: Some groups hit the wrong targets - Ireland's health system, a major U.S. fuel pipeline - resulting in the U.S. moving to much more aggressively disrupt their business model, says Bob McArdle, director of cybercrime research at Trend Micro.
Behavioral biometrics can play an important role in mitigating the risk of authorized push payment fraud, says Reed Luhtanen, executive director at the U.S. Faster Payments Council.
Teleworking U.S. national security employees are putting sensitive data at risk if they use public Wi-Fi networks without using a virtual private network to encrypt the traffic, the National Security Agency notes in a new advisory.
A remote access Trojan is being distributed via download links for software or media articles on Telegram channels, according to researchers at AT&T Alien Labs.
Coordinated police operations across seven European countries resulted in the arrest of two Belarusian hackers by Polish authorities for allegedly committing black box attacks against ATMs. Such attacks cause an ATM cash dispenser to dispense cash on demand.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.