A Russian national who conspired to extort millions from electric car manufacturer Tesla by trying to plant malware in the company's network has pleaded guilty to a single federal conspiracy charge, according to the U.S. Justice Department. The FBI thwarted the plot before it could be carried out.
This tax season, as in years past, a major phishing campaign is targeting U.S. taxpayers in an effort to deliver malware, according to researchers at security firm Cybereason. This time, the messages contain remote access Trojans.
Hackers used Trojanized Xcode projects to install backdoors on developers' devices as part of a supply chain attack, according to security firm Sentinel Labs. Xcode is Apple's integrated development environment for macOS.
Finland's Security and Intelligence Service now believes that the 2020 hacking incident that targeted the country's Parliament was the work of a China-linked advanced persistent threat group APT31, also known as Zirconium.
This edition of the ISMG Security Report features an analysis of the Microsoft Exchange on-premises server hacks – from who might have leaked the vulnerability exploits to how ransomware gangs are taking advantage of the flaws. Also featured: Tackling the cybercrime business model; assessing "zero trust."
Citing national security concerns, the Federal Communications Commission is moving forward with legal proceedings to ban three Chinese-owned companies from providing telecommunications services in the U.S.
Internet-enabled crime has surged during the pandemic, with more than $4.2 billion in losses reported by victims to U.S. authorities in 2020. The most lucrative type of crime continues to be business email compromise scams, which last year accounted for at least $1.8 billion in losses, the FBI reports.
University researchers have tested a new browser-based side-channel attack technique that uses only HTML and CSS and works even if JavaScript is disabled. They shared their findings with browser providers and tech firms.
The White House on Wednesday unveiled the formation of a Unified Coordination Group to lead the government's response to attacks exploiting unpatched vulnerabilities in on-premises Microsoft Exchange email servers.
Email security vendor Mimecast, which was targeted by the SolarWinds supply chain hack in January, reports in a Tuesday update that the hackers used the "Sunburst" backdoor as an initial attack vector to steal some source code. But Mimecast says it "found no evidence of any modifications" to that code.
The Florida teen whom prosecutors call the mastermind behind last year's hack of 130 high-profile Twitter accounts to wage a cryptocurrency scam pleaded guilty Tuesday and was sentenced to serve three years in a juvenile facility.
A malvertising campaign that purports to offer Telegram's desktop app for Windows is persisting. A security researcher based in Switzerland, who nearly fell for the ruse, takes a deep dive into the campaign.
The Pysa ransomware strain is increasingly targeting educational institutions in the U.S. and U.K., the FBI warns in a new flash alert. The hackers may threaten to leak exfiltrated data if a ransom is not paid.
Love it or hate it, email remains an essential business and productivity tool. Many organizations have now migrated to cloud-based Office 365 email for their employees. But while cloud-based approaches offer easier procurement, manageability and better cost savings, certain email facts of life won't change.
Moving...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.