Only a few hours after polls closed, fraudsters started using the uncertainty over the winner of the U.S. presidential election to send out spam messages that are designed to infect devices with the Qbot banking Trojan, according to Malwarebytes.
The U.S. Justice Department has seized 27 website domains operated by Iran's Islamic Revolutionary Guard Corps to conduct a covert influence campaign targeting the U.S. and other citizens from around the world.
Researchers are tracking the movements of nearly $1 billion in cryptocurrency that recently moved from a mysterious digital wallet, which may have ties to the notorious darknet marketplace Silk Road, which law enforcement shuttered in 2013.
The pandemic has been an accelerant for digital payments and digital payment fraud globally. Krista Tedder of Javelin and Stu Bradley of SAS discuss recent findings.
Ninety-four percent of cyber threats originate in the inbox, and increasingly fraudsters are plying their trade through impersonation attacks. Mariana Pereira of Darktrace discusses the role machine learning can play in repelling these strikes.
California voters passed Proposition 24, the California Privacy Rights Act, on Nov. 3, which expands upon the recently activated California Consumer Privacy Act specifically when it comes to enforcement and how businesses handle personal data.
Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams, warns IT security testing consultancy 7 Elements. Rackspace tells customers it plans to fix the problem soon.
The number of attacks related to Emotet continues to spike after the dangerous botnet re-emerged over the summer with a fresh phishing and spam campaign, according to research from HP-Bromium. During this time, Emotet is mainly infecting devices with the QBot or QakBot banking Trojan.
A recently identified hacking group dubbed UNC1945 used a never-before-seen zero-day vulnerability in the Oracle Solaris operating system to target corporate networks and plant malware, according to FireEye Mandiant. This threat actor is known to focus on telecom, financial and consulting firm targets.
The FBI has issued a flash alert warning that unidentified threat actors are actively targeting vulnerable SonarQube instances to access source code repositories of U.S. government agencies and private businesses.
Brian Brackenborough, CISO, Channel 4, the British television network, and Nick Nagle, CISO, Security Critical, a U.K.-based consultancy company, discuss the lessons learned in 2020 and how they might impact the year ahead, agreeing that 2021 provides an "opportunity for a re-set."
After weeks of rising anxiety, Election Day proceeded in the U.S. with no public indications of interference. But experts say misinformation campaigns are still likely, and there's plenty of time for malicious activity as the vote tallying proceeds.
The U.K. NCSC responded to over 700 cyber incidents over a 12-month period, 200 of which were related to the COVID-19 pandemic, according to the cyber agency's annual report. NCSC also notes that's it's preparing to step-up its response to cyber incidents involving the NHS and vaccine development.
CISA and Oracle are urging users to apply an emergency patch for a vulnerability in the software giant's WebLogic Server product. This "severe" bug is already under active exploitation and could allow an attacker to run malicious code, security experts say.
Aleksandr Brovko, a Russian national, has been sentenced to eight years in federal prison for stealing personally identifiable data and online banking credentials using a botnet, according to the U.S. Justice Department. Federal prosecutors estimate the losses at $100 million.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.