North Korean is using weaponized versions of open source utilities to spy on the technology, defense and entertainment sectors worldwide. Microsoft says it spotted fake profiles of supposed job recruiters who really are Pyongyang hackers manipulating victims into downloading Trojans.
Hackers, possibly Chinese, are exploiting Microsoft Exchange zero-day vulnerabilities to apparently implant backdoors and steal credentials. The computing giant says it doesn't yet have a patch, telling systems administrators to instead implement workarounds.
Over his 23-year career in cybersecurity, Tom Kellermann has focused on policy, endpoints and even strategic investments. Now, in his new role as senior vice president of cyber strategy at Contrast Security, his mission is to protect code security - particularly in the public and financial sectors.
The United States is arguably involved in a cyberwar against Russia and China - and appears to be losing. In this episode of "Cybersecurity Unplugged," Tom Kellerman of Contrast Security and Richard Bird of Traceable.ai discuss what the U.S. government and companies need to do to win this cyberwar.
The latest edition of the ISMG Security Report discusses what went wrong for Optus in the wake of one of Australia's biggest data breach incidents, the state of code security today and the growing trend of private equity firms pursuing take-private deals.
American Airlines says unauthorized access to its email system is behind a July data breach incident affecting more than 1,700 individuals. Someone synced with an employee's inbox to send out phishing emails that appeared to come from the Texas-based airliner.
Jamf plans to buy startup ZecOps to extend its ability to detect and respond to sophisticated threats across Mac, iOS and Android devices. Jamf's proposed acquisition will provide threat hunting tools to determine if any advanced attacks have compromised mobile devices.
Banks and telecoms need to make it easier for customers to sign up, buy merchandise online, take out loans, open bank accounts, and use credit cards. Processes are designed to encourage new business.
Thieves defeat these processes with high-volume attacks and synthetic identities. Without analysis, these fabricated...
For fraudsters, the sharp and hasty shift to digital and the intense focus on customer experience over the last few years has opened doors. Application fraud soared during the pandemic and continues to grow today. Evolving technology (bots, cloud infrastructure and virtual machines) has enabled criminals to submit...
As awareness of first-party fraud's scope improves, financial institutions are finding that as much as 30% of their bad debt is actually fraud. These debts are uncollectible because the borrowers , to whom they issued credit, never intended to pay and may have been nothing more than syntheic identities.
This Q&A goes over the challenges financial institutions face with application fraud. The speed of digital transformation, the many ways in which application fraud manifests and the need to provide excellent customer experience.
A new malware dropper uncovered by Kaspersky targets would-be users of pirated software with a slew of nasty infections including backdoors, Trojan-Banker programs, downloaders, spyware and more. The cybersecurity company calls the dropper "NullMixer."
Identity protection, XDR, data analytics and cloud security have been SentinelOne's biggest investment areas, says CEO Tomer Weingarten. Cloud has become the fastest-growing part of SentinelOne's business, appealing even to customers who might have chosen a different vendor for endpoint security.
A phishing email led to the spread of the Cryptolocker Trojan inside the court system of Chile, adding to a growing list of cyber disruptions affecting the South American country. Court officials stressed that the virus was contained before it could disrupt judicial proceedings.
The person who stole nearly 10 million customer records from Australian telco Optus withdrew their AU$1.5 million extortion attempt after suddenly releasing 10,000 customer records. Also, Optus says it has not paid a ransom as it grapples with one of the largest data breaches in the country.