A U.S. federal judge sentenced a Nigerian national to four years in prison for running several cyber-enabled schemes aimed at defrauding U.S. citizens out of more than $1 million. The men were arrested four years ago and extradited to Arizona in 2022 from Malaysia and the United Kingdom.
Stung by the FBI's infiltration and takedown of the Hive ransomware group, other ransomware operators have been retooling their approaches to make their attacks more effective and operations tougher to disrupt, says Yelisey Bohuslavskiy, chief research officer at threat intelligence firm Red Sense.
Security researchers uncovered a Pakistani cyberespionage group employing fresh tactics to target workers at India's Defense Research and Development Organization and steal sensitive military secrets. A new campaign uses a PowerPoint file containing information about the India-developed K-4 missile.
Criminal hackers are targeting South Koreans with an Android Trojan that dupes victims into handing over payment card data by faking phone conversations with lenders. Developers are using "several unique evasions that we had not previously seen in the wild," Check Point researchers write.
Emotet malware is again active. Researchers marked the latest sighting of the Microsoft Office-loving Trojan in what's becoming a cycle of reemergence and hibernation. Among its improved evasion techniques: pasting a chunk of "Moby Dick" to bulk up the word count of macro-laden Word documents.
With the rapid increase in digital transformation & hybrid work, organizations are noticing that the biggest vulnerability is with legacy MFA solutions that have failed to keep pace with the ever-evolving skills, technology and persistence of today’s cybercriminals.
The key to defending your organization’s...
A cyberespionage campaign using Trojanized apps implanted with a backdoor to exfiltrate sensitive data is making the rounds in India and Pakistan. Researchers at cybersecurity firm Eset identify the threat actor as Transparent Tribe, a group aligned with the Pakistani government.
A Russian threat actor headed by two prank callers whose targets for duplicity coincide with Kremlin state interests has for a year now leaned heavily into using email to schedule video calls with high-profile North American and European officials and executives.
Technologists were quick to point out that popular AI-based chatbot, ChatGPT, could lower the bar for attackers in phishing campaigns and even write malware code, but Cato Networks' Etay Maor advises taking these predictions "with a grain of salt" and explores the pros and cons of ChatGPT.
Threat actors are exploiting the ongoing economic downturn by using job-themed phishing and malware campaigns to target job seekers and employers to steal sensitive information and hack company recruiters. Researchers advise companies to be wary of attachments and URLs.
Security researchers uncovered an investment scam network that draws on an online infrastructure of hundreds of hosts and thousands of domains to target primarily Indian victims by impersonating Fortune 100 companies. Most payment amounts defaulted to Indian rupees.
A major cause of corporate IT disruption stems from advanced unknown malware, phishing, and custom crafted attacks. Advanced malware is decidedly different from those detected by traditional signature-based anti-malware solutions as they are engineered to avoid detection using sophisticated evasion techniques. Even...
Will large language models such as ChatGPT take cybercrime to new heights? Researchers say AI for malicious use so far remains a novelty rather than a useful and reliable cybercrime tool. But as AI capabilities and chatbots improve, the cybersecurity writing is on the wall.
Crypto exchange firm Coinbase has confirmed that an SMS phishing campaign aimed at stealing employee credentials resulted in a minor data breach. The company estimates the latest campaign is part of the phishing campaign that successfully compromised Twilio and Cloudflare last year.
Spain's high court has approved the U.S. Department of Justice's request that British national Joseph James O'Connor be extradited to face charges that he helped hack Twitter in 2020 to perpetrate a cryptocurrency scam. The final extradition decision now rests with the Spanish government.