The 'work from anywhere' experience has fundamentally changed how we work - and how cyber adversaries leverage email as an attack vector. Daniel McDermott and Gar O'Hara of Mimecast outline a holistic approach that focuses on email defense, awareness and response.
Two recent hacking incidents that each affected more than 100,000 individuals illustrate the variety of cyberthreats healthcare organizations face during these chaotic times. Security experts offer risk mitigation insights.
To help mitigate the risks posed by business email compromise scams that target privileged users, enterprises need to create a detailed enterprise risk management plan that spells out procedures to secure accounts, says Espen Otterstad, CISO at Norwegian telematics company ABAX AS.
The operators behind the AgentTesla remote access Trojan have upgraded the infostealer with additional capabilities, including the ability to steal credentials from VPNs, web browsers, FTP files and email clients, Sentinel Labs reports. The low-cost malware is used in BEC scams and other campaigns.
High-speed trading firm Virtu Financial says it lost $6.9 million in a business email compromise scam in May. The company is now suing its insurer for failure to cover the loss.
A recently uncovered BEC scam has targeted the Office 365 accounts of executives at over 1,000 companies worldwide, collecting more than 800 sets of credentials in an attempt to commit payment fraud, according to Trend Micro.
The day after President Trump issued executive orders to ban Chinese-owned social media apps TikTok and WeChat, Sanjay Virmani of the FBI's San Francisco office shared insights on the Chinese cyberthreat, election security and crime trends in the wake of COVID-19.
The U.S. Secret Service is combining its electronic and financial crime units into a single task force that will focus on investigating cyber-related financial crimes, such as BEC schemes and ransomware attacks. The move comes as lawmakers push for the Secret Service to take a more active role in fighting cybercrime.
A Nigerian entrepreneur has pleaded guilty to charges stemming from an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar.
The attack sounds ripped from an episode of TV show "24": Hackers have infiltrated a government network, and they're days away from unleashing ransomware. Unfortunately for Florence, a city in Alabama, no one saved the day, and officials are sending $300,000 in bitcoins to attackers for a decryption key.
Europe is targeting financial and economic crime, including fraud and money laundering, via the new European Financial and Economic Crime Center, hosted by the EU's law enforcement intelligence agency Europol. Officials say the launch of such a center during the COVID-19 pandemic is no accident.
Fraudsters have conned Norfund, a private equity investment firm based in Oslo, Norway, out of more than $10 million in what the company calls an "advanced data breach." But the incident bears the hallmarks of a business email compromise scam.
Fraudsters are taking advantage of the uncertainty over the global COVID-19 pandemic to ramp-up business email compromise scams designed to steal money, the FBI and security researchers warn.
Nigerian cybercriminal gangs have become even more proficient in waging business email compromise attacks, according to an analysis from Palo Alto Network's Unit 42 that describes recent trends.
TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target a new group of victims - HR departments, according to security researchers, who describe the new scheme.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.