The Evil Corp cybercrime group, originally known for the Dridex banking Trojan, is now using new ransomware called WastedLocker, demanding ransom payments of $500,000 to $1 million, according to security researchers at NCC Group's Fox-IT.
Enterprises need to move away from manual threat detection methods to leverage artificial intelligence, which can help boost defenses, says Dr. Jassim Haji, president of Artificial Intelligence Society, Bahrain Chapter.
Many ransomware gangs hell-bent on seeing a criminal payday have now added data exfiltration to their shakedown arsenal. Gangs' extortion play: Pay us, or we'll dump stolen data. One massive takeaway is that increasingly, ransomware outbreaks also are data breaches, thus triggering breach notification rules.
Fraudsters are now deploying the IcedID banking Trojan via phishing campaigns that use the COVID-19 pandemic as one of several lures, according to Juniper Threat Labs.
The recent leak of 269 GB of sensitive data from more than 200 police departments and the FBI could be a sign that law enforcement agencies are becoming a prime target for hackers, given recent civil unrest.
A spear-phishing campaign is using military-themed malicious Microsoft Office documents to infect devices, according to researchers at Cisco Talos. The analysts also found this campaign is using a previously unknown dropper called IndigoDrop to spread a weaponized version of Cobalt Strike.
Hackers wielding Nefilim ransomware are targeting unpatched or poorly secured Citrix remote-access technology, then stealing data, unleashing crypto-locking malware and threatening to dump data to try to force payment, New Zealand's national computer emergency response team warns.
A Nigerian entrepreneur has pleaded guilty to charges stemming from an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar.
Researchers at two security firms are tracking separate phishing campaigns that are targeting customers of Wells Fargo and Bank of America, according to reports. In each case, the fraudsters are attempting to steal users' credentials using various methods and lures.
Google has removed more than 70 malicious Chrome extensions after researchers with security firm Awake Security discovered the extensions could be used to steal users' credentials and security tokens.
The surge in phishing campaigns and other types of fraud using COVID-19 themes has diminished in recent weeks, according to the Microsoft Threat Protection Intelligence Team, which asserts in a new report that such campaigns were never a dominant threat.
The latest edition of the ISMG Security Report discusses recent research on the cyberthreats in multicloud environments and how to mitigate them. Also featured: A ransomware risk management update; tips on disaster planning.
Several Nigerian nationals have been indicted for their alleged involvement in business email compromise campaigns from 2015 to 2017 that targeted U.S. businesses.
A cyberespionage campaign that targeted aerospace and defense firms in Europe and the Middle East likely was the work of a hacking group with ties to North Korea, according to security firm ESET. Attackers also attempted a BEC-style scheme.
The Maze ransomware gang is continuing to exfiltrate data from victims before crypto-locking their systems, then leaking the data to try to force non-payers to accede to its ransom demands. Don't want to play ransomware gangs' latest games? The only way to opt out is by planning ahead.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.