The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.
Suddenly, onboarding, servicing and securing digital accounts with advanced authentication techniques isn't just a priority for global enterprises; it is the priority. Dean Stevenson of HID Global previews an upcoming virtual roundtable discussion.
U.S. and U.K. cybersecurity agencies issued a joint warning this week that over 62,000 QNAP network-attached storage devices worldwide have been infected with data-stealing malware.
Mobile banking startup Dave is just the latest victim of criminal data brokers. Extensive evidence now points to Dave having been hit by a ShinyHunters, which has been tied to the sale of millions of stolen records to fraudsters - either via a phishing attack or hack of a third-party service provider.
Fraudsters are mimicking automated messages from Microsoft SharePoint for a phishing campaign that attempts to steal Office 365 credentials, according to the security firm Abnormal Security.
CISA is warning that threat actors are actively exploiting a remote code execution vulnerability in F5's BIG-IP network products that can lead to data exfiltration and other security issues. Earlier, researchers and F5 had urged users to patch the flaw.
Garmin has acknowledged that a hack attack that encrypted several of its systems led to outages that affected several of the company's fitness and aviation products along with knocking its homepage and customer service centers offline. As of Monday, several affected services were again operating.
Lazarus Group, a sophisticated hacking group associated with the North Korean government, is using a new malware framework to spread ransomware and steal databases from victims, according to security firm Kaspersky.
Garmin has not yet announced what caused an outage of its Garmin Connect fitness tracking service as well as its website. But some employees reportedly are attributing the outage to ransomware.
The NSA and CISA issued a joint warning that U.S. critical infrastructure is increasingly becoming a hacking target and organizations need to guard against attacks. The alert notes that remote access to OT systems by a decentralized workforce creates risk.
Money launderers are devising new tactics during the COVID-19 pandemic. For example, some are coming up with ways to use personal protective equipment, or PPE, as a form of currency, says Debra Geister, CEO of Section 2 Financial Intelligence Solutions.
The U.S. State Department is offering rewards of up to $1 million for information that could lead to the arrest and conviction of two Ukrainian nationals who allegedly hacked the Security and Exchange Commission's EDGAR system server in 2016.
A previously undetected botnet called "Prometei" is targeting vulnerable Microsoft Windows devices by brute-forcing SMB vulnerabilities to mine monero cryptocurrency, according to Cisco Talos.
The latest edition of the ISMG Security Report analyzes the hacking of high-profile Twitter accounts. Also featured: Addressing security when offices reopen; the role of personal protective equipment, or PPE, in money laundering during the pandemic.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.