Last week, fraudsters targeted two cryptocurrency platforms by accessing domains managed by GoDaddy, according to notices published by the victimized firms. The domain register company previously has had issues with unauthorized access.
Fraudsters are increasingly using free Google services to create more realistic phishing emails and malicious domains that circumvent security filters, the security firm Armorblox reports.
Microsoft's Security Intelligence team is warning users of the Office 365 suite about an ongoing phishing campaign that appears to be harvesting victims' credentials. The emails use several techniques to bypass and evade secure email gateways.
Researchers at Area 1 Security say a recently uncovered phishing campaign using a message saying that the recipient has been fired from their job is attempting to plant two malware strains - Bazar and Buer - using the Trickbot botnet.
A recently uncovered phishing campaign is using a spoofed U.S. Internal Revenue Service domain and social engineering techniques in an attempt to trick targeted victims into sending money to fraudsters, according to researchers at Abnormal Security.
There is a reason more than half of today's ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization's potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once...
COVID-19 accelerated everything else digital; why not fraud, too? In this latest CEO/CISO panel, cybersecurity leaders talk frankly about the pace and scale of new fraud schemes from business email compromise to card not present to insider risk.
Victims of crypto-locking malware who pay a ransom to their attackers are paying, on average, more than ever before. But investigators warn that when victims pay for a guarantee that all data stolen during an attack will get deleted, criminals often fail to honor their promises.
Only a few hours after polls closed, fraudsters started using the uncertainty over the winner of the U.S. presidential election to send out spam messages that are designed to infect devices with the Qbot banking Trojan, according to Malwarebytes.
The U.S. Justice Department has seized 27 website domains operated by Iran's Islamic Revolutionary Guard Corps to conduct a covert influence campaign targeting the U.S. and other citizens from around the world.
Ninety-four percent of cyber threats originate in the inbox, and increasingly fraudsters are plying their trade through impersonation attacks. Mariana Pereira of Darktrace discusses the role machine learning can play in repelling these strikes.
Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams, warns IT security testing consultancy 7 Elements. Rackspace tells customers it plans to fix the problem soon.
The number of attacks related to Emotet continues to spike after the dangerous botnet re-emerged over the summer with a fresh phishing and spam campaign, according to research from HP-Bromium. During this time, Emotet is mainly infecting devices with the QBot or QakBot banking Trojan.
Researchers with Cybereason have uncovered a fresh set of malicious tools tied to a North Korean-linked hacking group called Kimsuky, according to a recent analysis. This same advanced persistent threat group is also the subject of a new joint alert by CISA and the FBI.
A new report describes the attack methods of an Eastern European gang known as UNC1878 or Wizard Spider that's been waging ransomware attacks against U.S. hospitals in recent days.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
