This week, hackers took over Mandiant's X account, authorities charged a Nigerian hacker with stealing $7.5 million from charities, the DOJ fined XCast $10 million for illegal robocalls, and attackers exploited an SMTP smuggling flaw in a phishing email campaign.
This week, Orbit Chain lost $81 million in a New Year's Eve hack, Indonesian police shuttered bitcoin mining operations, dYdX named its attacker, $324,000 users fell victim to 2023 crypto phishing scams, Singapore's prime minister had a deepfake problem, and 2023 crypto losses decreased by over 50%.
As we bid farewell to 2023, Philip Reitinger, president and CEO of the Global Cyber Alliance, reflected on the state of global cyber hygiene, shedding light on what's working, what needs improvement, and the transformative shifts necessary to achieve a cyber-secure future.
Hacks on healthcare sector entities reached record levels in 2023 in terms of data breaches. But the impact of hacks on hospital chains, doctors' offices and other medical providers - or their critical vendors - goes much deeper than the exposure of millions of health records.
All has not been quiet on the malicious cybersecurity front this year, thanks to constant cybercrime innovation, cyberattacks and cyberespionage, and malicious or inadvertent data breaches. Here are 12 notable incidents and trends of 2023 and their implications for the bigger cybersecurity picture.
Scammers are stealing hotels' log-in credentials for online travel site Booking.com and targeting their customers, experts warn. In many cases, attackers use Booking's own messaging system to contact customers and request their payment card data, they say.
Criminal use of social engineering at scale continues to surge, as AI-driven automation and easy access to stolen personal information enables attackers to create ever-more sophisticated and tough-to-detect assaults, says Sharon Conheady of First Defense Information Security.
In the future, deepfake technology will have a significant impact on newer forms of authentication such as voice and facial recognition and pose new challenges to defenders, said Ofer Friedman, chief business development officer at AU10TIX, an Israel-headquartered identity verification company.
Weeks after the Department of Health and Human Services announced its first HIPAA enforcement action in a ransomware breach, federal regulators have reached another milestone: a $480,000 settlement in a HIPAA case centered for the first time ever on a phishing attack.
Mobile banking Trojans spread through deceptive social media messages remain a problem for Indian smartphone users, warns Microsoft. India accounts for 4 in 10 global transactions made with digital payments, according to the National Payments Corporation of India.
The chief operating officer of an Atlanta-based cybersecurity firm has pleaded guilty and agreed to pay restitution of more than $818,000 in a federal criminal case in which he admitted hacking a Georgia medical center in 2018 in an effort to drum up business for his company.
Security company CrowdStrike said it had observed Iranian hacker group Imperial Kitten, also known as TA456, Crimson Sandstorm and Tortoiseshell, conducting web compromise operations between 2022 and 2023 to infiltrate Israeli logistics, transportation and technology companies.
Security researchers say an Iranian state hacking group is likely using spearfishing and a legitimate content hosting service in a cyberespionage campaign targeted against Israel. The hacker group, tracked as MuddyWater, likely mounted a new campaign after the onset of the Israel-Hamas war.
Hospitals, clinics and doctor practices have long fallen victim to cyberattacks and breaches kicked off with phishing emails. But with the advent of AI-augmented phishing, the lures are more convincing and could lead to even more scams targeting healthcare organizations, federal authorities warned.
India federal law enforcement busted tech scam fraud rings operating in locations across the subcontinent after Microsoft and Amazon shared intelligence with the Central Bureau of Investigation. Scammers allegedly operated call centers impersonating tech giant customer support.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.