A newly identified banking Trojan dubbed SharkBot is now targeting banking and cryptocurrency exchange customers across the U.K., Italy and the U.S. through a sideloading campaign and/or a social engineering campaign.
Multiple cybercriminal groups appear to be targeting relatively new entrants in the space with phishing attacks. In what cybersecurity analysts at Group-IB call a "cannibalistic approach," these gangs are impersonating underground card shops to dupe the newbies for monetary gain.
The latest edition of the ISMG Security Report features an analysis of attempts made by European law enforcement to encourage young cybercriminals to channel their skills in more ethical ways. Also featured: Fraud detection and response; inspiring behavioral change.
Neiman Marcus Group says it is notifying 4.6 million of its online customers who are affected by a data breach that occurred in May 2020. The data includes personally identifiable data, payment and gift cards, online account credentials and security questions.
Microsoft has indicated it will make changes to reduce the risk around what a security vendor says is a vulnerability that lets attackers run brute-force credential attacks against Azure Active Directory. The issue was reported to Microsoft in June by SecureWorks' Counter Threat Unit.
The world is experiencing a cybercrime pandemic, which is a direct consequence of COVID-19, according to Amit Basu, CISO and CIO at International Seaways. He offers proactive prevention measures, based on his own experience, for how organizations can stay safe and secure.
Researchers at the security firm Cisco Talos have spotted an ongoing campaign using an updated variant of the "Neurevt" Trojan to target customers of financial institutions in Mexico.
A newly uncovered banking Trojan dubbed Vultur is targeting Android users through screen recording to capture the victims' banking credentials, a new report by security firm ThreatFabric says.
A new card stealer malware campaign that loads JavaScript malware from blocked domain lists to evade detection is targeting e-commerce sites that run Adobe's Magento, software security firm Sucuri reports.
A cybercrime forum seller advertised "a full dump of the popular DDoS-Guard online service" for sale, but the distributed denial-of-service defense provider, which has a history of defending notorious sites, has dismissed any claim it's been breached. What's the potential risk to its users?
Threat intelligence researchers are looking closely at REvil, the ransomware gang that infected up to 1,500 companies in a single swoop. A look at the group's online infrastructure shows clear lines to Russian and U.K. service providers that, in theory, could help law enforcement agencies but don't appear eager to...
As ransomware attacks become more prolific, their success is being driven by the increasing use of specialists who can refine every stage of an attack. It's a reminder that the goal of cybercrime remains to maximize illicit profits as easily and quickly as possible.
Ransomware-wielding criminals continue to hone their illicit business models, as demonstrated by the strike against customers of Kaseya. A full postmortem of the attack has yet to be issued, but one question sure to be leveled at the software vendor is this: Should it have fixed the flaw more quickly?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.