Accenture analyzed the top 20 most active ransomware leak sites to see how threat actors are posting sensitive corporate information and making the data easy to search and exploit. Accenture's Robert Boyce explains how cybercriminals are weaponizing stolen ransomware data for follow-up attacks.
Twitter's former security chief, Peiter Zatko, aka "Mudge," filed a whistleblowing complaint against the social media giant with the U.S. Securities and Exchange Commission, alleging that "extreme, egregious deficiencies" in its cybersecurity remain unresolved.
Evolving social engineering campaigns - including a significant rise in vishing attacks - continue to pose significant data security threats to healthcare and public sector entities, federal authorities warn, urging entities to take steps to avoid falling victim.
Expel is out with its latest quarterly threat report, which reveals that Identity-based attacks now account for 56% of incidents identified by Expel's SOC. Jon Hencinski shares highlights from the report and how to respond to BEC, ransomware and attackers who have found ways to defeat MFA.
Hackers looted Bitcoin ATMs of $16,000 in an attack manufacturer General Bytes says stems from a zero day vulnerability accidently introduced in 2020. An executive with the Czech company suggest attackers may have been motivated out of vengeance for its pro-Ukraine stance.
In the tit-for-tat world of advanced persistent threats, security measures set by Microsoft such as multifactor authentication are being met by Russian hacking group APT29 with circumvention techniques. Mandiant says it's seeing several new hacking methods by the group, also known as Cozy Bear.
Beleaguered spyware vendor NSO Group is attempting to reboot its corporate image by pledging to only sell its wares to NATO member countries, lay off 10% of its workforce and replace its CEO, as it seeks a buyer. But the company, which remains blacklisted by the U.S., faces an uphill battle.
Domain name registrars track domain name owners via "whois" data, which is a crucial tool for investigators combating cybercrime. But Kroll's Alan Brill says that since the EU General Data Protection Regulation went into effect, many registrars no longer publicly share such information, and that's a problem.
At Splunk, we believe data is the key to success in all facets of life, including building your March Madness bracket. That is why we built a prediction engine in Splunk to showcase the data behind each team and try to curate the perfect bracket. During the webinar, Splunk experts will share the story behind the...
Researchers uncovered a spear-phishing campaign targeting automotive and chemical manufacturers across the Spanish-speaking nations of Mexico and Spain. The latest campaign began in June 2022, uses Grandoreiro banking Trojan and impersonates Mexican government officials, Zscaler ThreatLabz reports.
Threat actors are using Amazon Web Services solutions to create phishing pages that bypass security scanners and scam victims into handing over credentials. Avanan researchers call the method of using legitimate services as a piggyback to land in the inbox "the Static Expressway."
Google detected and stopped one of the largest distributed denial-of-service incidents yet in a likely sighting of the Mēris botnet. Google is not releasing the identity of the victim, whose web servers faced 46 million https requests per second in the attack, which lasted for more than an hour.
The Identity Theft Resource Center's new report shows a 1,044% increase in social media account hijacking. Banking fraud is also rising, with scammers focusing on using stolen personal data to open new banking and credit card accounts in victims' names, says COO James Lee.
Four ISMG editors discuss how security leaders determine the right level of security for the business, the growing risk of business ID theft to enterprises, and the arrest of a developer suspected of working for cryptocurrency mixing service Tornado Cash, for "facilitating money laundering."
A crowded field of 51 threat groups in the Russia-Ukraine cyberwar has attacked 29 nations - with attacks in Ukraine aimed at "sowing chaos and confusion" on and off the battlefield. This special report covers the tactics, techniques and motivations of threat actors and fallout for other nations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.