A bipartisan group of U.S lawmakers is requesting more information from the FBI and CISA about efforts to crack down on hacking groups linked to China's government that are targeting American facilities conducting COVID-19 research.
Microsoft is warning Windows users about an ongoing "massive" COVID-19-themed phishing campaign that is attempting to install the NetSupport Manager on devices. Attackers can turn NetSupport into a remote access Trojan, or RAT.
Hackers tried two methods of exploiting a zero-day vulnerability in Sophos' XG firewall, but Sophos says it made a temporary fix that mitigated the risks. Attackers originally attempted to plant a Trojan, but then switched to ransomware.
A recent phishing campaign bypassed multifactor authentication protections within Microsoft Office 365 to steal users' credentials stored in the cloud or launch other attacks, according to the security firm Cofense.
Attacks targeting cloud-based data nearly doubled in 2019 as companies shifted more of their valuable information off-premises and misconfigurations and other issues made it more vulnerable, according to the 2020 Verizon Data Breach Investigations Report. Observers expect the trend to continue this year.
The U.S. Treasury's Financial Crimes Enforcement Network is alerting financial institutions about surging COVID-19 themed scams and other "illicit activities," ranging from fraud involving the sale of fake cures, tests and vaccines to price gouging for supplies.
Fraudsters are now using numerous spoofed website templates with COVID-19 themes as part of phishing attacks designed to steal login credentials and banking data, according to Proofpoint.
Cryptocurrency-mining hackers appear to be behind a recent spate of supercomputer and high-performance computing system intrusions. But it's unclear if attackers might also have had data-stealing or espionage intentions.
U.S. facilities that produce, use or store hazardous chemicals are vulnerable to cyberattacks, in part because cybersecurity guidelines from the Department of Homeland Security are outdated, according to a recent GAO audit.
Besides hospitals and academic institutions, dozens of nonprofits, including nongovernmental organizations - or NGOs - around the world must protect their COVID-19 research and related activities from those seeking to steal data or disrupt their operations, says cyber risk management expert Stanley Mierzwa.
In this exclusive webinar, Amin Hasbini and Maher Yamout, security researchers at Kaspersky's Global Research & Analysis Team (GReAT), will share their insights on the latest cyber-attacks and how the COVID-19 epidemic has affected cybersecurity.
Register for this live session and learn about:
The cyber security...
More ransomware-wielding gangs are not just crypto-locking victims' systems, but also stealing and threatening to leak data unless they get their demanded bitcoin ransom payoff. A growing number of security experts believe the strategy is leading more victims to pay.
A sophisticated hacking group associated with the North Korean government that's been tied to a number of high-profile attacks, including WannaCry, is using three new malware variants, according to the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency.
A recently discovered cyber-espionage toolkit called Ramsay is designed to infiltrate air-gapped networks to steal documents, take screenshots and compromise other devices, according to the security firm ESET.
Malware continues to increase in sophistication and
routinely evades organizations' cyber defenses.
Even though the industry has developed various
technologies to bolster detection and response, the
situation persists.
New strategies for combatting advanced malware
must move beyond existing detection approaches...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
