There is a reason more than half of today's ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization's potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once...
COVID-19 accelerated everything else digital; why not fraud, too? In this latest CEO/CISO panel, cybersecurity leaders talk frankly about the pace and scale of new fraud schemes from business email compromise to card not present to insider risk.
Victims of crypto-locking malware who pay a ransom to their attackers are paying, on average, more than ever before. But investigators warn that when victims pay for a guarantee that all data stolen during an attack will get deleted, criminals often fail to honor their promises.
Only a few hours after polls closed, fraudsters started using the uncertainty over the winner of the U.S. presidential election to send out spam messages that are designed to infect devices with the Qbot banking Trojan, according to Malwarebytes.
The U.S. Justice Department has seized 27 website domains operated by Iran's Islamic Revolutionary Guard Corps to conduct a covert influence campaign targeting the U.S. and other citizens from around the world.
Ninety-four percent of cyber threats originate in the inbox, and increasingly fraudsters are plying their trade through impersonation attacks. Mariana Pereira of Darktrace discusses the role machine learning can play in repelling these strikes.
Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams, warns IT security testing consultancy 7 Elements. Rackspace tells customers it plans to fix the problem soon.
The number of attacks related to Emotet continues to spike after the dangerous botnet re-emerged over the summer with a fresh phishing and spam campaign, according to research from HP-Bromium. During this time, Emotet is mainly infecting devices with the QBot or QakBot banking Trojan.
Researchers with Cybereason have uncovered a fresh set of malicious tools tied to a North Korean-linked hacking group called Kimsuky, according to a recent analysis. This same advanced persistent threat group is also the subject of a new joint alert by CISA and the FBI.
The FBI and CISA warn U.S. hospitals about a fresh wave of Ryuk ransomware attacks that have recently targeted healthcare facilities across the country. Over the past week, several hospitals have publicly reported attacks, which appear to be financially motivated.
FBI agent Elvis Chan has dedicated the past four years to ensuring U.S. election security. With the Nov. 3 election less than a week away, he opens up on concerns about Russian, Chinese and Iranian interference and threats he'll be watching before and after the vote.
Online disinformation campaigns by nation-state actors are the biggest cyberthreat to the U.S. election as hackers attempt to influence final vote tallies as a way to undermine confidence, according to a Digital Shadows report. Russian hackers are most active, followed by Iran and China.
Fraudsters operating an election-themed phishing campaign have tweaked their malicious landing pages to harvest more information, including banking credentials, account data and vehicle identification information, Proofpoint reports.