Cybercriminals targeted mobile banking users by sending malicious SMS messages to their smartphones as part of a phishing campaign to steal account holders' information, including usernames and passwords, according to the cybersecurity firm Lookout.
The U.S. Cybersecurity Infrastructure and Security Agency has released its cybersecurity plan for the run-up to the 2020 presidential election, outlining the agency's role as a facilitator that will assist federal, state and local agencies in protecting critical election infrastructure.
Google has removed 500 Chrome extensions from its online store after researchers found that attackers were using them to steal browser data, according to a new report from security firm Duo Security. The thefts were part of a malvertising campaign that had been active for at least a year, the researchers say.
MIT security researchers have published a paper that describes several security flaws in Voatz, a smartphone app used for limited online voting during the 2018 midterm elections. But the maker of the app contends the research is flawed.
The latest edition of the ISMG Security Report analyzes the indictments of four Chinese military officers in connection with the 2017 Equifax data breach. Also featured: Advice on implementing NIST's new privacy framework; lessons learned in a breach disclosure.
Cybercrime led to $3.5 billion in losses in the U.S. last year, with a sharp uptick in business email compromise scams - which accounted for nearly half those losses, according to a newly released FBI Internet Crime Report, which is based on complaints the FBI received.
State government officials told a Senate committee this week that more federal resources are needed to help states combat security cyberthreats, including ransomware. They also asked federal officials to share more information on looming security issues.
Security researchers have found that the developers of the Emotet Trojan have created a new way to spread it to more victims - attackers are using unsecured WiFi networks as a way to deliver the malware to more devices.
Israel's voter registration database - comprising close to 6.5 million people - was exposed to the internet because of an elementary coding flaw in an election application. It's unclear how long the exposure lasted or if bad actors accessed the data.
Four members of China's People's Liberation Army have been indicted for allegedly hacking Equifax in 2017 and stealing the personal data of over 145 million Americans as well as a vast trove of the company's trade secrets and intellectual property, the U.S. Justice Department announced Monday.
Canada's privacy commissioner is taking Facebook to court to try to force the social network to make specific changes to its privacy practices. The regulator has no power to issue fines or binding orders, meaning it must petition the federal court to force Facebook to make changes.
Several law firms are racing to be among the first to file class action lawsuits against PIH Health in the wake of the California-based regional healthcare network reporting last month that a 2019 phishing breach affected nearly 200,000 individuals. Why the rush?
Over the weekend, an extensive disruption to Iran's telecommunication networks knocked out about 25 percent of the country's internet service for several hours, according to NetBlocks, which tracks internet freedom across the globe.
Indian banks are again facing a fraudster field day, as cybersecurity firm Group-IB warns that the notorious Joker's Stash carder forum is listing more than 460,000 stolen Indian credit and debit cards for sale as "fullz," meaning they include personally identifiable information.