The latest edition of the ISMG Security Report analyzes why clothing retailer H&M was hit with a hefty fine for violating the EU's General Data Protection Rule. Also featured: The coming of age of digital identities; deputy CSO at Mastercard on top priorities for 2021.
Australian police say they've broken up a sophisticated SMS phishing scheme designed to collect personal details and bank login credentials. It's a rare success in the fight against unsolicited text messages.
Empire is the latest darknet market to "exit scam," meaning administrators ran away with users' cryptocurrency, leaving the market to fail. Given the ongoing risk of exit scams, as well as police often targeting such markets, why do they persist?
Evilnum, a hacking group that targets fintech firms mainly in the U.K. and Europe, is deploying a new remote access Trojan, according to Cybereason. The group is targeting "know your customer" procedures to start these attacks.
Blackbaud is one of a growing number of organizations that say they paid ransomware attackers primarily for their promise to delete exfiltrated data. A class action lawsuit filed against the software vendor in the wake of its breach notification questions whether attackers' promises have any merit.
About 54,000 Australian driver's licenses were exposed in an open Amazon Simple Storage Service bucket, according to a security researcher. It remains unclear what entity or agency exposed the data and whether those affected will be notified.
"Charming Kitten," a hacking group with ties to Iran, is now using LinkedIn and WhatsApp messages to contact potential victims and persuade them to visit a phishing page, according to ClearSky. The threat actors initially posed as journalists looking to contact sources.
When implementing a cybersecurity risk framework, enterprises should use a structured approach to identity and evaluate and manage the risks posed by increased digital transactions during the pandemic, says Dmitry Chernetsky, global presales expert, Kaspersky-APAC.
Fraudsters leverage networks to amplify attacks - isn't it time we do the same to strengthen our defenses? In our rapidly forming remote world with increased frequency of digital interactions, fraud fighting strategies need a boost. Carey O'Connor Kolaja will walk us through the rise of synthetic fraud, the changes it...
A Dutch lawmaker's Twitter account is among 36 that had some personal data compromised earlier this month when hackers targeted 130 verified accounts and launched a cryptocurrency scam. The politician told Reuters his direct messages were accessed.
The Emotet botnet, which recently surged back to life after a months-long hiatus, is now delivering the Qbot banking Trojan to victims' devices, security researchers say. So far, they've identified about 800,000 malicious emails attempting to spread the botnet.
Twitter says attackers who hijacked more than 130 high-profile Twitter accounts used social engineering to bypass its defenses, including two-factor authentication on accounts. Experts say companies must have defenses in place against such schemes, which have long been employed by fraudsters.