Emotet malware is again active. Researchers marked the latest sighting of the Microsoft Office-loving Trojan in what's becoming a cycle of reemergence and hibernation. Among its improved evasion techniques: pasting a chunk of "Moby Dick" to bulk up the word count of macro-laden Word documents.
Despite repeated disruptions by law enforcement, underground cybercrime markets continue to thrive. Researchers are tracking the debut of 190 "significant" new darknet markets in 2022, connecting illegal data and access brokers with ransomware groups, fraudsters and others.
The LockBit ransomware operation claims to have stolen data from a Texas-based supplier to Elon Musk's SpaceX, which designs, manufactures and launches rockets and spacecraft. It's the latest PR-grabbing attempt by the prolific LockBit extortion group.
Business social media platform LinkedIn continues to pay dividends for North Korean hackers, including one group historically concentrated on South Korean targets that has expanded into pursuing security researchers and media industry workers in the West.
As Russia's full-scale invasion of Ukraine last year stalled, Russian hacking teams increasingly shifted from causing all-out disruption to cyberespionage, data theft and psychological operations, Ukraine's cybersecurity establishment says in a new lessons learned report.
Hackers are draining millions of dollars from decentralized finance protocol Euler Finance in an ongoing attack. The theft of crypto funds worth $197 million marks the largest exploit in 2023 so far. Euler Finance said it is aware of the incident.
President Joe Biden's budget request for fiscal 2024 includes a big proposed boost for the federal office charged with enforcing privacy and security within the healthcare industry. The proposal asks for $78 million in appropriations for the Office of Civil Rights.
Fundraising and customer relationship management software provider Blackbaud has reached a $3 million settlement agreement with the Securities and Exchange Commission over allegations it made "misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 customers."
In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues, including how the new U.S. cybersecurity strategy doubles down on hitting ransomware, how the strategy shifts liability issues to vendors, and why check fraud is on the rise and what can be done about it.
Community Health Systems will soon begin notifying up to 1 million individuals estimated to have been affected by data compromise when attackers exploited a zero-day vulnerability in vendor Fortra's GoAnywhere MFT, which is secure managed file transfer software.
A healthcare revenue cycle management software vendor is facing a proposed class action lawsuit in the aftermath of a December data exfiltration attack affecting nearly 251,000 patients. Ransomware group Royal took credit for the attack, allegedly leaking samples of the stolen data on its leak site.
A top Australian official demanded that Russia crack down on hackers operating inside country borders, another sign of deepening Western frustration with Moscow's permissive attitude toward cybercriminals. The Kremlin has access to skilled hackers it can mobilize into proxy actors at will.
Hackers disrupted medical care at a major Barcelona hospital, found out the wireless plans of 9 million AT&T users and stole data of almost 140,000 Hatch Bank customers. Patrons of Chick-fil-A got a nasty surprise. Plus, a breach hit Acer and another one affected members of the U.S. Congress.
The Chinese government's geopolitical ambitions and willingness to use cyber operations to achieve them pose one of the biggest threats to U.S. national security, the U.S. intelligence community warns. Russia, Iran and North Korea also pose major threats, as do cybercrime and especially ransomware.
Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. Between March 3 and March 9, Tender.fi paid a white hat reward to a thief, a Uranium Finance hacker began to launder stolen funds, Algodex revealed security breaches and BitKeep was working to reimburse hack victims.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.