Chinese APT groups compromised networks of telecom providers across Southeast Asia in an effort to harvest customers' sensitive communications, according to Cybereason. As in other Chinese cyberattacks, these APT campaigns exploited flaws in Microsoft Exchange servers.
Tom Kellermann calls it a new "Twilight Zone" - an era in which cybersecurity adversaries can unleash destructive attacks that manipulate time, data, audio and video. The cybersecurity strategist shares insights and analysis from his latest Global Incident Response Threat Report.
Ransomware actors have taken a page from the playbooks of tech support scammers of yore by guiding victims to download malware through persuasion over the phone. Microsoft says the technique is more dangerous than it first realized.
In a new phishing scam that leverages the PayPal brand, attackers are using automated scripts and live chat as a way of compromising devices and bypassing secure email gateways.
Cloud video conferencing provider Zoom has agreed to settle a consolidated class action federal lawsuit for $85 million as well as reform its security and data privacy practices.
A funny thing happened on the way to the nonstop ransomware payday: Some groups hit the wrong targets - Ireland's health system, a major U.S. fuel pipeline - resulting in the U.S. moving to much more aggressively disrupt their business model, says Bob McArdle, director of cybercrime research at Trend Micro.
Behavioral biometrics can play an important role in mitigating the risk of authorized push payment fraud, says Reed Luhtanen, executive director at the U.S. Faster Payments Council.
Teleworking U.S. national security employees are putting sensitive data at risk if they use public Wi-Fi networks without using a virtual private network to encrypt the traffic, the National Security Agency notes in a new advisory.
A remote access Trojan is being distributed via download links for software or media articles on Telegram channels, according to researchers at AT&T Alien Labs.
Coordinated police operations across seven European countries resulted in the arrest of two Belarusian hackers by Polish authorities for allegedly committing black box attacks against ATMs. Such attacks cause an ATM cash dispenser to dispense cash on demand.
The new BlackMatter ransomware operation claimed to have incorporated "the best features of DarkSide, REvil and LockBit." Now, a security expert who obtained a BlackMatter decryptor reports that code similarities suggest "that we are dealing with a Darkside rebrand here."
The Russian-linked group that targeted SolarWinds using a supply chain attack compromised at least one email account at 27 U.S. attorneys' offices in 15 states and Washington, D.C., throughout 2020, according to an update posted by the Justice Department.
A newly uncovered banking Trojan dubbed Vultur is targeting Android users through screen recording to capture the victims' banking credentials, a new report by security firm ThreatFabric says.
Researchers at the security firm RiskIQ have uncovered about 35 active command-and-control servers connected with an ongoing malware campaign that has been linked to a Russian-speaking attack group known as APT29 or Cozy Bear.
The ransomware landscape changes constantly as groups disappear, change approaches or rebrand. The DoppelPaymer operation, for example, appears to have reinvented itself as Grief, while the administrator of Babuk has launched a ransomware-friendly cybercrime forum called RAMP.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.