The operators behind the Qbot banking Trojan are now deploying a recently uncovered ransomware variant called Egregor to target organizations across the world, according to researchers at Group-IB.
Researchers have identified a fresh variant of the Grelos skimmer that has co-opted the infrastructure that MageCart uses for its own skimming attacks against e-commerce sites, according to RiskIQ. The malware has been found on several small and mid-size e-commerce sites worldwide.
Although the global financial industry has made strides in protecting its data from malware, including Trojans, cyberthreats such as network intrusion, ransomware and criminal gang cooperation are presenting fresh challenges, according to the Carnegie Endowment for International Peace.
A recently identified Chinese hacking group dubbed "FunnyDream" has targeted more than 200 government entities in Southeast Asia since 2018 as part of an ongoing cyberespionage campaign, according to research from Bitdefender.
Over the past five years, ransomware-as-a-service offerings have largely evolved from putting automated toolkits into the hands of subscribers to recruiting affiliates and sharing profits. To maximize revenue, some larger operators are also seeking affiliates with more advanced IT and hacking skills.
"Think like your enemy." Great advice, but who has the time? You're a cyber defender. Every day you're protecting your organization with the limited time and resources you have, while working to close known gaps. There's little time to study all the ways you can be attacked or figure out how to respond. Wouldn't it be...
A recently uncovered point-of-sale malware called "ModPipe" is targeting Oracle software used by thousands of restaurants and other businesses in the hospitality industry, according to researchers at ESET. This backdoor can then steal sensitive data, such as cardholder names.
Darkside is the latest ransomware operation to announce an affiliate program in which a ransomware operator maintains crypto-locking malware and a ransom payment infrastructure while crowdsourced and vetted affiliates find and infect targets. When a victim pays, the operator and affiliate share the loot.
Victims of crypto-locking malware who pay a ransom to their attackers are paying, on average, more than ever before. But investigators warn that when victims pay for a guarantee that all data stolen during an attack will get deleted, criminals often fail to honor their promises.
Only a few hours after polls closed, fraudsters started using the uncertainty over the winner of the U.S. presidential election to send out spam messages that are designed to infect devices with the Qbot banking Trojan, according to Malwarebytes.
The number of attacks related to Emotet continues to spike after the dangerous botnet re-emerged over the summer with a fresh phishing and spam campaign, according to research from HP-Bromium. During this time, Emotet is mainly infecting devices with the QBot or QakBot banking Trojan.
A recently identified hacking group dubbed UNC1945 used a never-before-seen zero-day vulnerability in the Oracle Solaris operating system to target corporate networks and plant malware, according to FireEye Mandiant. This threat actor is known to focus on telecom, financial and consulting firm targets.
Takeaway from the U.K.'s GDPR privacy fine against hotel giant Marriott: During M&A, review an organization's cybersecurity posture before finalizing any acquisition. Because once a deal closes, you're fully responsible for data security - IT network warts and all.
In September and October, 2020 AV-TEST performed a review of comparable security offerings from Akamai, Infoblox, Palo Alto Networks, Netskope, Cisco, and Zscaler.
The test was commissioned by Cisco to determine how well vendors protected remote workers against malware, phishing sites, and malicious websites. A...
In a notification letter filed to the Montana Department of Justice, precious metal trader JM Bullion has revealed that an unknown amount of customer information has been compromised in a data breach. The security incident took place over a five-month period earlier this year.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
