A recently uncovered phishing campaign is using a spoofed U.S. Internal Revenue Service domain and social engineering techniques in an attempt to trick targeted victims into sending money to fraudsters, according to researchers at Abnormal Security.
A recently uncovered banking Trojan targeting Android devices can spy on over 150 apps, including those of banks, cryptocurrency exchanges and fintech firms, as a way to gather credentials and other data, according to an analysis by security firm Kaspersky.
A medical device maker has sued an IT vendor in the wake of an email server migration mishap that exposed the health data of more than 277,000 individuals. The case illustrates the complexities of vendor risk management - especially after mergers and acquisitions.
Louis Marinos of the European Cybersecurity Agency offers an analysis of the agency's new Threat Landscape 2020 report, which shows how cybercriminals have been advancing their capabilities, adapting quickly and targeting victims.
Cybersecurity is poised to become a higher White House priority when President-elect Joe Biden takes office. And he's expected to renew key international relationships needed in the fight against cyberattacks.
The good news: U.S. election security measures seem to have worked. The bad news: Disinformation and misinformation campaigns continue. Tom Kellermann, who served as a cybersecurity adviser to President Obama, offers advice for President-elect Joe Biden and others on protecting critical infrastructure.
As the healthcare sector prepares for the distribution of COVID-19 vaccines, intensifying the attention to supply chain cybersecurity is critical, says Michael McNeil, senior vice president and CISO of McKesson Corp., which distributes pharmaceuticals and medical supplies.
Inadequate database and privileged account monitoring, incomplete multifactor authentication and insufficient use of encryption: Britain's privacy regulator has cited a raft of failures that contributed to the four-year breach of the Starwood guest reservation system discovered by Marriott in 2018.
A former Microsoft software engineer has been sentenced to nine years in prison after being found guilty on 18 criminal charges in connection with the theft of more than $10 million through the company's online retail platform.
Threat actors are increasingly weaponizing advanced analytical tools to attack enterprises, which means organizations must change their security strategies, says Ray Boisvert, associate partner, national public sector, IBM Canada.
As part of a settlement of allegations that Zoom "engaged in a series of deceptive and unfair practices that undermined the security of its users," the U.S. Federal Trade Commission is requiring the video conferencing provider to implement and maintain a comprehensive security program within the next 60 days.
The Department of Health and Human Services last week issued its 10th settlement involving a HIPAA "right of access" case since launching its patient records access initiative last year. But how might HIPAA enforcement priorities at HHS' Office for Civil Rights change under a Biden administration?
Check Point Research has uncovered a large and likely profitable business model that involves hackers attacking and gaining control of certain VoIP services, which enables them to make phone calls through a company's compromised system.
Researchers at Kaspersky have uncovered a Linux version of the RansomEXX ransomware that, until now, had targeted only Windows devices. The ransomware has been tied to several high-profile attacks over the last several months.