Hackers are attempting to sell a fresh trove of approximately 26 million user records apparently obtained from three data breaches, according to researchers at the security firm ZeroFox.
The latest edition of the ISMG Security Report analyzes the many challenges involved in developing and implementing contact-tracing apps to help in the battle against COVID-19. Also featured: A discussion of emerging privacy issues and a report on why account takeover fraud losses are growing.
Cybercriminals are hiding malicious JavaScript skimmers in the "favicon" icons of several ecommerce websites in an effort to steal payment card data from customers, researchers at Malwarebytes say.
Kaiji, a newly discovered botnet, is compromising Linux servers and IoT devices using brute-force methods that target the SSH protocol, according to the security firm Intezer. The botnet has the capability to launch DDoS attacks.
Five suspected members of the InfinityBlack hacking group have been arrested, and authorities in Europe say they've seized two databases with more than 170 million entries, including combinations of stolen usernames and passwords.
Google and Apple on Monday released privacy and security guidelines for their jointly developed contact-tracing infrastructure. The companies note that apps developed using their APIs can only be developed by or for public health authorities - and solely to collect information to trace COVID-19 infections.
Several malicious spam campaigns using COVID-19 as a lure are attempting to install the Remcos remote access Trojan on victims' devices, according to Microsoft.
The Financial Industry Regulatory Authority, a private organization that helps self-regulate brokerage firms and exchange markets in the U.S., warns that a "widespread, ongoing" phishing campaign is targeting its members.
Security and risk experts from Forrester and Neustar advise on what you need to know about today's cyberthreats, including website vulnerabilities, APIs, third-party party scripts, nefarious bots and DDoS attacks.
Krista Tedder of Javelin Strategy analyzes key findings from a new report on identity fraud that shows that while account takeover incidents are decreasing, losses are growing.
Gamers are poring over a massive leak of Nintendo data, including source code for older gaming systems, prototypes of games and extensive software and hardware documentation. The data likely dates from a 2018 network intrusion at Nintendo.
In an apparent attempt to spread TrickBot malware, cybercriminals are sending fake emails designed to look like notifications from the Labor Department concerning changes to the Family and Medical Leave Act, according to IBM X-Force.
Done right, a zero trust architecture can reduce the complexity of one's environment while also improving cybersecurity protection and efficiency. Bob Reny of ForeScout focuses on three critical considerations: visibility, compliance and control.
A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.
Researchers are seeing a spike in opportunism by fraudsters and cybercriminals seeking to profit from the COVID-19 crisis. Underground online markets are offering a range of pandemic-related goods, from face masks to fraudulent vaccines.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.