U.S. prosecutors this week unsealed an indictment against the alleged hacker "Fxmsp" after his identity was revealed in a cybersecurity firm's report. That sequence of events has raised questions about information sharing and highlighted law enforcement's reliance on private cybersecurity researchers.
A little-known advanced persistent threat group dubbed Evilnum has been targeting fintech firms in the U.K. and Europe over the past two years, using spear-phishing emails and social engineering to start their attacks, according to the security firm ESET.
Did a private cybersecurity firm's report into the "Fxmsp" hacking operation that deduced the identity of the group's alleged leader disrupt a U.S. law enforcement investigation?
The Cerberus banking Trojan and info stealer was found posing as a legitimate money converter app in the Google Play Store, where it was downloaded more than 10,000 times, according to Avast Mobile Threat Labs.
A credit card skimmer that has been operating since April is specifically targeting sites hosted on Microsoft IIS servers that are currently running an out-of-date version of ASP.NET, according to security firm Malwarebytes. About 27 million websites still use this now unsupported software.
The U.S. Justice Department has charged Kazakhstan national Andrey Turchin with being the hacker known as "Fxmsp," as well as running a hacking collective known by the same name that's been tied to 300 attacks worldwide, including against anti-virus vendors.
Last year, 81 percent of organizations experienced one or more successful cyberattacks.
That's just one revelation in the 2020 Cyberthreat Defense Report that will make you reevaluate your security posture.
Filled with key insights and statistics, you'll learn how your IT security peers cope in a world that's...
New research shows why planning for a long-term remote workforce is critical and which approaches to turn to during COVID-19 and beyond.
For those tasked with protecting network security, the work-from-home model creates unprecedented challenges at a time when teams are already doing more with less while facing a...
A U.S. federal court has issued an injunction that gives Microsoft permission to seize control of several malicious domains being used to operate a COVID-19-themed phishing scam, according to recently unsealed court documents.
A newly uncovered Russia-based business email compromise gang has been targeting hundreds of large, multinational corporations in over 40 countries since 2019, according to the security firm Agari.
The developers behind the Purple Fox fileless downloader malware recently upgraded their operation and are now targeting two new vulnerabilities to gain access to networks, according to a report by security firm Proofpoint.
Ransomware-wielding attackers continue to pummel organizations. But labeling these as being just ransomware attacks often misses how much these incidents involve serious network intrusions, exfiltration of extensive amounts of data, data leaks and, as a result, reportable data breaches.
A Nigerian national who has been extradited to the United States allegedly laundered millions of dollars stolen in business email compromise scams, according to the Justice Department. He flaunted his lavish lifestyle on social media, prosecutors say.
Security researchers warn that the number of exploit attempts targeting a critical vulnerability in F5 Networks' BIG-IP networking products has steadily increased since the company first announced the flaw late last week. They urge users to immediately apply patches.
Hackers with apparent ties to North Korea have extended their bag of online attack tricks beyond cryptocurrency mining, online bank heists and ransomware. Now, they're also hitting e-commerce merchants in the U.S. and Europe with Magecart attacks to steal payment card data, security firm Sansec reports.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.