Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more.
Join Roger Grimes, KnowBe4’s...
Malware developers are adopting an easy-to-use obfuscation tool that slips malware past antivirus, warn security researchers. BatCloak requires minimal programming skills to use. Among its recent successes is a recent remote access Trojan dubbed SeroXen.
Mihai Ionut Paunescu, who hosted "bulletproof" infrastructure for malware, received a prison sentence of 36 months. His sentencing concludes a 10-year effort by prosecutors against a trio of hackers who created and distributed the Gozi banking Trojan.
Hacking group Asylum Ambuscade, which security researchers say aligns with Belarusian government interests, has an "unusual" twist: It appears to be mixing cybercrime - focused on banking and cryptocurrency customers - with cyberespionage, including attacks targeting Ukraine.
A threat actor is using a custom-made backdoor to target organizations operating in South and Southeast Asia. Sectors at immediate risk include government, aviation, education and telecommunications. The Lancefly ATP group uses custom-written malware that Symantec's Threat Hunter Team calls Merdoor.
While historically the origin of most business email compromise (BEC) attacks has been West Africa, residing in Nigeria certainly isn’t a requirement for BEC attackers. Indeed, the subject of this report is a sophisticated threat group based in Israel.
The group is unique in that they impersonate executives and...
U.S. authorities revealed the Russian man behind a two-decade span of abetting cybercriminals' theft of credit cards, dismantled his online infrastructure and offered a hefty reward for information leading to his arrest. Prosecutors say the man, Denis Kulkov, ran a service now known as Try2Check.
The pandemic brought about notable shifts in technology and cybersecurity. It also widened the attack surface, making it bigger than ever before. This change is driven by factors such as hybrid workplaces, cloud migration and SaaS dependencies, according to SANS Institute's Ed Skoudis.
Cybersecurity is forever a growing concern for organisations of all sizes. The challenges include a spike in threats, the evolving technology landscape that increases the threat surface, the impact of regulation, too many isolated point products, and a lack of skills and budget for adequate defence.
Companies are...
Apple users: Don't fear newly discovered samples of LockBit ransomware designed to target newer macOS devices. Researchers say the still-in-development code, tied to no known in-the-wild attacks, contains numerous errors, leaving it unable to execute.
Microsoft has issued fixes for 114 vulnerabilities, including patching a zero-day flaw being actively exploited by a ransomware group and updating guidance to block a vulnerability from 2013 that was recently exploited for the software supply chain attack on 3CX users, attributed to North Korea.
A crew of English-speaking European teenagers with a variety of skills and knowledge of Greek and Roman mythology are likely behind an up-and-coming cybercrime group called FusionCore. Group leader "Hydra" in March shared a screenshot of a malware dashboard set to display Sweden time by default.
The FBI and other national police are touting an operation that dismantled Genesis Market, a marketplace used by ransomware hackers and bank thieves to gain ongoing access to victims' computers. Genesis Market since 2018 offered access to more than 1.5 million compromised computers around the world.
Stung by the FBI's infiltration and takedown of the Hive ransomware group, other ransomware operators have been retooling their approaches to make their attacks more effective and operations tougher to disrupt, says Yelisey Bohuslavskiy, chief research officer at threat intelligence firm Red Sense.
So far, the Clop ransomware group campaign using a zero-day vulnerability in Fortra's widely used managed file transfer software, GoAnywhere MFT, has compromised networks used by 130 different organizations. The gang has so far taken responsibility for over 50 hacks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.