Fraudsters are using a revamped version of the Alina Trojan to target Windows-based POS devices to steal payment card data, according to Century Link's Black Lotus Labs. The malware operators are using unsecured DNS protocols to exfiltrate the data.
Tens of millions of Americans have lost jobs because of COVID-19. As a result, former 'most wanted" fraudster Brett Johnson predicts a surge in fraud, saying bluntly: "There are going to be a lot of victims."
Enforcement of the California Consumer Privacy Act officially began Wednesday despite the lack of a final, codified version of the regulation. Experts weigh in on compliance steps organizations should take.
Implementing trusted digital IDs will create benefits for end users as well as service providers, says Nick Mothershaw, chair and executive director at the Open Identity Exchange. But widespread international adoption of such IDs will take time to achieve, he acknowledges.
The operators behind an updated version of the FakeSpy malware are targeting Android devices using SMS phishing messages to spread the info stealer, according to Cybereason. The messages are designed to appear to come from postal and delivery services.
The U.S. Federal Communications Commission has officially designated China's Huawei Technologies and ZTE Corp. as "national security threats," barring American telecommunications firms from using certain federal funds to buy their equipment, such as for building 5G networks.
A bipartisan group of U.S. senators is calling for federal funding for cybersecurity coordinators in every state. Meanwhile, a measure introduced in the House would restore the position of cybersecurity director in the White House.
The number of companies and individuals affected by an April ransomware attack on managed care provider Magellan Health continues to grow. This illustrates the risks faced by interconnected organizations in the healthcare sector.
Palo Alto Networks product alert: All users should immediately patch a "critical" flaw in Pan-OS that can be remotely exploited to bypass authentication and take full control of systems or gain access to networks, U.S. Cyber Command and the Cybersecurity Infrastructure and Security Agency warn.
The COVID-19 pandemic has introduced new risks for enterprises as employees access corporate networks and applications from home. Sudip Banerjee of Zscaler says that cloud security solutions offer advantages over VPNs.
Since the start of the COVID-19 pandemic, the number of brute-force attacks targeting RDP connections has steadily increased, spiking to 100,000 incidents per day in April and May, according to the security firm ESET. These attacks pave the way for launching ransomware attacks and planting cryptominers.