Ukrainian cyberpolice have arrested members of a phishing group that managed to steal credit card data from at least 70,000 people after directing them to fraudulent mobile service sites. The threat actors used the stolen information to empty funds from their victims’ bank accounts, according to the announcement on Tuesday from law enforcement. Five individuals have been […]

Threat actors maintained their relentless attacks on enterprise end users for yet another year, new study shows.

Don't consider just the initial costs. Hidden factors include remediation, revenue loss, reputational harm, national security — even human life.

Non-fungible token (NFT) marketplace OpenSea is investigating a phishing attack on Saturday that left 17 of its users without more than 250 NFTs, worth around $2 million. NFTs represent data stored on a blockchain (Ethereum) that declares ownership of digital media files of artwork. OpenSea is one of the world’s largest peer-to-peer NFT marketplaces (valued at […]

Vulnerable internet-facing Microsoft SQL (MS SQL) Servers are being targeted by threat actors as part of a new campaign to deploy the Cobalt Strike adversary simulation tool on compromised hosts. "Attacks that target MS SQL servers include attacks to the environment where its vulnerability has not been patched, brute forcing, and dictionary attack against poorly managed servers," South Korean

A new Android banking trojan with over 50,000 installations has been observed distributed via the official Google Play Store with the goal of targeting 56 European banks and carrying out harvesting sensitive information from compromised devices. Dubbed Xenomorph by Dutch security firm ThreatFabric, the in-development malware is said to share overlaps with another banking trojan tracked under the

Government crackdowns may destabilize Russian crime rings and strengthen their ties to Chinese allies.

The National Security Agency (NSA) this week published recommendations regarding the use of specific passwords when looking to secure Cisco devices.

read more

Intel has released software and firmware updates to address many vulnerabilities found in the company’s products.

The chipmaker last week released 22 security advisories, including seven that have an overall severity rating of “high.”

read more

In the past year, attackers have focused on the lucrative supply chain. Organizations need to defend against such attacks, even inside their perimeters.

As attackers increasingly target the lucrative supply chain, organizations need to think about how they can defend against such attacks.

Threat actors are infiltrating the increasingly popular collaboration app to attach malicious files to chat threads that drop system-hijacking malware.