A fresh round of Joker malware that targets Android users has been found in Google Play as well as third-party app stores, according to reports from Zscaler and Zimperium. The Joker apps can steal SMS messages, contact lists and device information from infected smartphones.
A security incident that apparently involved ransomware has crippled the network of Universal Health Services, which owns hundreds of facilities across the U.S.
Following a ransomware attack last week that affected its corporate network and phone systems, Tyler Technologies, a supplier of software and services to local, state and federal government agencies, is urging its customers to reset their passwords after reports of "suspicious logins to client systems."
A federal judge Sunday granted TikTok's request for a temporary injunction to block the Trump administration's order that would have banned the Chinese social media app from the U.S. The order came hours before the ban was scheduled to go into effect.
An internet-connected coffee machine is the latest IoT device to show security problems. The security firm Avast infected the Smarter Coffee machine with ransomware that causes uncontrollable spinning of its grinder and dispensing of hot water. The only option to stop it? Unplug the machine.
Virtual payment cards being tested in Europe and the United States could help mitigate the risk of merchant fraud, says Rui Carvalho of the nonprofit European Association for Secure Transactions.
The FBI is warning organizations in the financial sector about an increase in botnet-launched credential stuffing attacks that are leading to the theft of millions. Many of these attacks, which target APIs, are being fed by billions of stolen credentials leaked over the last several years.
Microsoft removed 18 apps from its Azure cloud platform that were being used by hackers as part of their command-and-control infrastructure. The threat group, called Gadolinium, was abusing the infrastructure to launch phishing email attacks, Microsoft researchers say.
Facebook is again cracking down on fake accounts and pages linked to a Russian IRA troll farm or the country's military intelligence units that were being used for disinformation campaigns. Meanwhile, the FBI issued a fresh warning that threat actors are attempting to target U.S. voting infrastructure.
The U.S. Government Accountability Office is urging Congress to pass legislation to reestablish a White House cybersecurity coordinator role. The position would coordinate the government's response to online attacks and other cybersecurity challenges facing the nation.
Training employees to resist phishing emails is key to preventing compromises. But an exercise run by Tribune Publishing Co. created a searing backlash after its phishing exercise tempted employees with bogus bonuses in a year in which they had already endured financial hardships.
The latest edition of the ISMG Security Report features an analysis on why criminals continue to use darknet markets, despite the risks. Also featured: Hackers target Virgin Mobile KSA; coping with COVID-19 stress.
With so many cybercrime markets continuing to disappear, why haven't encrypted messaging apps stepped in to fill the gap? They might seem to be the perfect solution to admins stealing buyers' and sellers' cryptocurrency - via an exit scam - or police infiltration. But encrypted apps have their own downsides.
As the tally of reported heath data breaches related to the May ransomware attack on Blackbaud continues to climb, so do the number of lawsuits filed against the cloud-based fundraising software vendor.
Australian police say they've broken up a sophisticated SMS phishing scheme designed to collect personal details and bank login credentials. It's a rare success in the fight against unsolicited text messages.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.