"Molerats," an Arabic-speaking advanced persistent threat group that has been targeting victims for several years, is now abusing Facebook accounts, as well as other cloud-based platforms, to deploy previously undocumented malware as part of an ongoing espionage campaign, according to Cybereason.
Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports.
Because 2020 wasn't already exciting enough, now we have to worry about being hunted by adversaries wielding FireEye's penetration testing tools, thanks to the company having suffered a big, bad breach. Here's a list of targeted flaws that every organization should ensure they've patched.
FireEye's disclosure this week of the theft of its penetration testing tools - and its proactive response - has drawn praise but raised many questions, as well.
Government leaders are increasingly calling on cybersecurity researchers to better inform policymakers and are urging businesses to pay more attention to their in-house security teams, according to presenters at this week's Black Hat Europe virtual conference.
A hacking group behind an Android spyware variant has recently added fresh capabilities that include the ability to snoop on private chats on Skype, Instagram and WhatsApp, according to ReversingLabs. This APT group, believed to be tied to Iran, has recently been sanctioned by the U.S. Treasury Department.
If FireEye - one of the top cybersecurity firms - can't protect itself, how can clients be sure anything from anyone will keep them safe? The myth of a "secured environment" has been revealed to be exactly that.
FireEye, one of the world's top cybersecurity firms, says attackers stole its penetration testing tools and sought information about government clients. But FireEye doesn't believe the suspected nation-state hackers exfiltrated any data.
An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales. Fraudsters are likely using these attacks to harvest credentials.
A JavaScript card skimmer group dubbed "FakeSecurity" recently deployed the Raccoon information stealer malware in order to target e-commerce sites to steal payment card details from victims, according to security firm Group-IB.
Alexander Vinnik, a Russian national who founded the now-defunct BTC-e cryptocurrency exchange, has been found guilty of money laundering in France and has been sentenced to five years in prison, according to media reports. He faces additional charges in the U.S. and Russia.
Another federal judge is blocking the Trump administration's attempt to ban the Chinese-made social media app TikTok from being used in the U.S. The White House claims that the data the app collects on American users poses a national security threat.
President Donald Trump on Friday signed into law the Internet of Things Cybersecurity Improvement Act of 2020, the first U.S. federal law addressing IoT security. The act requires federal agencies to only procure devices that meet minimum cybersecurity standards.
Knowing your customer has become of more a challenge in a world where in-person interaction has become scarce. Andrew Bud of iProov discusses how identity proofing is evolving to meet the challenge.
Are insurers getting cold feet over covering losses to ransomware? With claims due to ransomware skyrocketing, some insurers have reportedly been revising offerings to make it tougher for companies to claim for some types of cybercrime, including extortion.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.