As fraudsters continue to improve their email spoofing with better socially engineered schemes, business email compromise attacks will become more successful, says Denyette DePierro of the American Bankers Association, who discusses how banks can help customers avoid becoming victimized.
Score another one for social engineering: A phishing campaign used a bogus "Google Docs" app to trick people into surrendering full access to their Google accounts and contacts. Before Google squashed the campaign, up to 1 million of its users may have fallen victim.
Travel industry software giant Sabre has alerted hotels that its software-as-a-service SynXis Central Reservations system - used by more than 36,000 properties - was breached and payment card data and customers' personal details may have been stolen.
The figure sounds alarming, 60 percent of small companies went belly up within six months of a breach. And that stat was repeated several times by lawmakers as a House panel debated - and approved - a bill aimed at helping small businesses battle hackers. But is that number true?
IBM and Lenovo have issued a security alert, warning that they inadvertently shipped malware-infected USB flash drives to some customers who use their Storwize hardware. The malware, known as Reconyc, is designed to install additional attack code on infected endpoints.
An analysis on why small businesses are increasingly being targeted by hackers leads the latest edition of the ISMG Security Report. Also, potential medical device hacks pose risk to patients, and payment fraud evolves as the threat landscape intensifies.
So far this year, we've seen heightened tensions between the U.S. and adversaries in Russia, North Korea and Iran. How do these tensions manifest on the cyber stage? Tom Kellermann of Strategic Cyber Ventures talks about the cyberwar risks brewing below the surface.
The ISMG Security Report leads with an analysis of how tactics used by Kremlin-tied actors to target political groups in France, Germany and the U.S. to influence foreign elections could be employed to damage the reputation of businesses.
Interpol, working with countries and security vendors, says it has uncovered 270 websites - including some government portals - compromised by malware. In some instances, the websites contained personal data of citizens.
Two men have pleaded guilty to hacking London-based telecommunications giant TalkTalk in 2015. Police say one of the men boasted in social media account chats about wiping and encrypting his hard drives, as well as taking part in the hack attack.
Warning: A dumped Equation Group exploit is designed to bypass authentication on 386 types of Oracle databases. One concern is that the exploit might be used by attackers such as the Lazarus Group to refine their attempts to inject fraudulent money-moving messages into the SWIFT network.
The purported hacking of computers of French presidential candidate Emmanuel Macron, by the same Russian group that targeted Hillary Clinton's campaign, signifies an expansion of the goals of the attackers that extend beyond trying to influence the outcome of Western elections.
In the wake of fraud reports, Blowout Cards has issued a security alert to customers, warning that an attacker hacked its website and installed a PHP file designed to skim payment card details at the time of purchase.
A federal judge has sentenced 32-year-old Russian hacker Roman Seleznev, aka "Track2," to serve 27 years in prison after he was convicted of defrauding 3,700 U.S. financial institutions of at least $169 million via point-of-sale malware attacks.