A hacking group with suspected ties to Iran's government is again targeting universities in the U.S. and around the world, according to researchers with security firm Malwarebytes. "Silent Librarian" typically attempts to steal intellectual property.
Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.
The U.S. Justice Department has seized 92 domains that Iran's Islamic Revolutionary Guard Corps was using to support a global disinformation campaign. This was the latest in a series of steps to crack down on Iran's interference activities.
Within a few days of President Donald Trump testing positive for a COVID-19 virus infection, fraudsters began deploying phishing emails using the president's health as a lure, according to the security firms Proofpoint and KnowBe4.
In the latest in a series of election security reports from government agencies, the U.S. Department of Homeland Security says Russia poses the most serious nation-state disruption threat to the U.S. presidential election, with China and Iran also posing threats.
Microsoft is warning that hackers with connections to Iran, as well as other threat actors, are attempting to exploit a critical vulnerability in Windows Server dubbed Zerologon, for which it has issued a partial patch.
Security researchers are warning of a fresh wave of phishing emails with election-related lures that are designed to get users to click, opening the door to spreading the Emotet botnet or harvesting users' credentials.
Over the last year, nation-state hackers, including those with links to the Russian government, have shifted from targeting critical infrastructure to focusing on think tanks, human rights groups and nongovernment organizations in an attempt to influence public policy, according to Microsoft.
The FBI and the U.S. Cybersecurity and Infrastructure Security Agency are warning that malicious actors are spreading disinformation - claiming to have hacked voter databases - in an attempt to manipulate public opinion, discredit the electoral process and undermine confidence in U.S. democratic institutions.
Facebook is again cracking down on fake accounts and pages linked to a Russian IRA troll farm or the country's military intelligence units that were being used for disinformation campaigns. Meanwhile, the FBI issued a fresh warning that threat actors are attempting to target U.S. voting infrastructure.
Training employees to resist phishing emails is key to preventing compromises. But an exercise run by Tribune Publishing Co. created a searing backlash after its phishing exercise tempted employees with bogus bonuses in a year in which they had already endured financial hardships.
Australian police say they've broken up a sophisticated SMS phishing scheme designed to collect personal details and bank login credentials. It's a rare success in the fight against unsolicited text messages.
Russian criminals operating online who want to stay out of jail need only to follow a few simple rules, the primary one being: Never target Russians. So it's surprising that security researchers have uncovered a new ransomware-wielding gang of Russian speakers that includes Russian victims on its hit list.
Cloud services are frequently associated with digital transformation and innovation; however, these services also expand cyber-attack surfaces for threat actors to exploit.
Read this whitepaper to learn about:
The economic impact of a data leak;
The surge in ElasticSearch "ransom" demands;
Managing Open Source...
Ransomware is not new, but it still makes front-page news by crippling global enterprises and governments. By encrypting all or part of a computer or system, this malware often causes irreparable data loss, even if the owner pays the ransom.
Read this white paper to learn about the modus operandi for ransomware...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.