Maze was one of the most notorious and successful ransomware operations of recent years until its apparent "retirement" and handover to Egregor in November 2020. Some rivals have suggested both groups have ties to the Russian government. But is that just sour grapes, or even simply an attempted scam?
The operators behind the Trickbot malware are deploying a new reconnaissance tool dubbed "Masrv" to exfiltrate additional data from targeted networks, according to a Kryptos Logic report. Other researchers have noticed increases in the botnet's activity over the last month.
The sentencing this week of a medical researcher who pleaded guilty in a federal case involving conspiracy to steal trade secrets from a children’s hospital and sell them to China spotlights the growing risks to medical intellectual property posed by insiders.
Security researchers at Armorblox uncovered an unusual invoice-themed phishing campaign designed to extract victims' Microsoft Office 365 login credentials, alternate email addresses and phone numbers.
Alejandro Mayorkas, the newly confirmed secretary of the Department of Homeland Security, says his initial priorities include reviewing all available intelligence on the SolarWinds supply chain hack and scrutinizing the government's cybersecurity programs.
The mobile channel saw great user adoption in 2020 - and it saw a corresponding increase in fraud incidents. Tim Dalgleish of BioCatch discusses mobile fraud trends and the role of behavioral biometrics in enhancing user authentication.
Ransomware operations continue to come and go. The notorious Maze ransomware gang retired last year, apparently replaced by Egregor, while new operators, such as Pay2Key, RansomEXX and Everest, have emerged. But in recent months, experts say, just six operations have accounted for 84% of attacks.
A data breach of a Washington state auditor's system exposed 1.4 million unemployment claimants’ records. The breach stemmed from an exploit of an unpatched system from Accellion, and the state says it was never notified of the flaw. But Accellion says it notified customers and offered a patch in December.
Biometrics, device-based risk scoring solutions and geo location can be helpful tools for tackling ID fraud, says Trace Fooshee, senior analyst at Aite Group, who calls for a layered approach.
Up to 30% of the organizations hit as part of the cyberespionage campaign waged by the hackers responsible for the SolarWinds supply chain attack did not use the company’s compromised software, says Brandon Wales, acting director of CISA. These victims were targeted in a variety of other ways, he says.
Other darknet marketplaces apparently are preparing to fill the underground economy's need for a steady stream of stolen payment card data if the Joker's Stash site closes Feb. 15 as its administrator has announced. Some researchers believe the administrator may even launch a new marketplace.
The U.S. government should take a number of steps to help minimize the risk that benefits provided by the next rounds of economic stimulus programs designed to provide relief from the impact of the COVID-19 pandemic are not fraudulently obtained, security experts say.
More fraudsters are using artificial intelligence to generate “Frankenstein faces” for use in synthetic identity fraud. Kathleen Peters of Experian outlines this disturbing development in fraudster behavior, as outlined in a new report.
The number of data breaches being reported in the U.S. and elsewhere each year continues to decline. But security experts say this unfortunately can be explained by criminals increasingly focusing on lucrative ransomware and business email compromise scams, which require scant data to be successful.
Microsoft researchers say that a North Korean hacking group that the company calls "Zinc" - which is better known as the Lazarus Group or Hidden Cobra - likely was responsible for targeting vulnerability researchers in an attempt to steal information via a backdoor.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
