A Russian group that was behind the massive SolarWinds supply chain attack has returned with a fresh phishing campaign, according to Microsoft. This new campaign compromised a marketing firm used by the U.S. Agency for International Development - USAID - to send malicious messages to thousands.
Two China-linked threat groups are still exploiting unpatched flaws in Ivanti's Pulse Connect Secure VPN products, using additional malware variants to support cyberespionage, FireEye's Mandiant Threat Intelligence team says.
In this week's panel discussion, four editors at Information Security Media Group discuss cyber insurance, persistent ransomware attacks and whether ransom payments should be banned.
The latest edition of the ISMG Security Report features an analysis of the city of Tulsa's decision to refuse to pay a ransom following an attack. Also featured: Johnson & Johnson's CISO on shifting priorities; mitigating quantum computing risks.
Belgium's interior ministry, Federal Public Service Interior, is investigating an attack against its network that appears to have the hallmarks of a cyberespionage campaign.
A threat group likely operating from Iran has been attacking Israeli targets for more than a year with the wiper variants Apostle and Deadwood, masking the intrusions as ransomware attacks to confuse defenders, according to SentinelOne.
Network intrusion displaced phishing as the leading hack-attack tactic last year, while ransomware continued to surge as the pandemic complicated incident response efforts, says BakerHostetler's Craig A. Hoffman, who describes trends from the 1,250 incidents his firm helped manage.
The Hydra darknet marketplace, which initially focused on narcotics sales, now also offers stolen credit cards, SIM cards, VPN access and cryptocurrency laundering services, with annual sales exceeding $1 billion, according to a new research report, which explains the market's tactics.
Carl Pei, co-founder of OnePlus, a smartphone company, said Tuesday that his Twitter account had been compromised via a third-party app called IFTTT and a tweet had been injected via his profile for an apparent cryptocurrency scam.
Iran is using its abundance of oil to generate electricity that powers a massive bitcoin cryptomining operation that enables the country to turn its greatest natural resource into money, offsetting some of its income lost as a result of economic sanctions, according to cryptocurrency analysis firm Elliptic.
The U.K.-based insurance firm One Call says it has successfully restored its systems in a new environment that is separate from the one that was impacted by a ransomware attack May 13, adding that a ransomware note which purported to be from DarkSide could not be verified as authentic.
Scammers are increasingly using Windows Push Notifications to impersonate legitimate alerts as a first step toward installing malicious Windows applications to harvest user and system information, according to a global report by McAfee.
Microsoft is warning about a spam campaign that uses an updated variant of Java-based StrRAT malware that steals confidential data while disguising itself as a ransomware infection even though it does not actually encrypt data.
Ransomware attacks are stuck on repeat: Criminal syndicates have found an extremely profitable business model, and they're milking it for all it's worth. So give the city of Tulsa, Oklahoma, credit for having in place robust disaster recovery capabilities and vowing to remediate, rather than pay criminals.
An unidentified nation-state hacking group targeted several Russian federal agencies as part of a cyberespionage campaign that compromised the country’s federal networks to steal sensitive data, according to a report from Russian security firm Rostelecom-Solar.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.