Malware developers are adopting an easy-to-use obfuscation tool that slips malware past antivirus, warn security researchers. BatCloak requires minimal programming skills to use. Among its recent successes is a recent remote access Trojan dubbed SeroXen.
The BlackCat ransomware group has claimed credit for a February phishing attack against Reddit. With no ransom being paid, the extortionists are now seeking to insert themselves into the standoff between Reddit's leadership and volunteer workforce over the introduction of paid access to APIs.
The litany of outages plaguing Azure and Microsoft 365 in recent weeks stems from DDoS attacks carried out by a pro-Russian hacktivist group. The threat actor since early June has launched DDoS attacks from multiple cloud services and open proxy infrastructures thanks to its collection of botnets.
The latest vulnerability in MOVEit's managed file transfer application could lead to escalated privileges and unauthorized access to customer environments. Progress Software said a SQL injection flaw could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database.
A consumer genetic testing company must ensure the destruction of customer saliva samples and undergo third-party evaluation of its information security program for the next two decades under a proposed consent order with the U.S. Federal Trade Commission.
With only 10 EU member states having blocked or restricted high-risk suppliers Huawei and ZTE from their 5G networks, EU Internal Market Commissioner Thierry Breton is urging holdouts to speed up, warning that the entire bloc faces increased cybersecurity and supply chain risks until they do so.
Ransomware actors are using the thing that verifies crypto transactions - mining - to their advantage. More criminals are laundering their ill-gotten gains by re-minting the digital money through mining to sanitize funds and bypass controls imposed by more highly regulated financial institutions.
A Russian government-linked threat group is using USB drives to spread a custom backdoor in a possible bid to reach air-gapped machines, said security researchers. The Security Service of Ukraine has identified the group, which it tracks as Armageddon, as a unit of the Russian FSB.
C5 Capital extended struggling threat detection firm IronNet a financial lifeline contingent on retired four-star Gen. Keith Alexander stepping down as CEO of the company he founded. The venture capital firm will inject $51 million if IronNet hires ex-Houghton Mifflin Harcourt CEO Linda Zecher.
Cybercriminals are increasingly preying on small hospitals, often in rural communities, knowing that security defenses at these facilities are often much weaker than those at larger institutions, said Kate Pierce, a former longtime CIO and CISO at a 25-bed community hospital in Vermont.
The potential for cybercriminals to reverse-engineer generative AI tools, the rise of geopolitical threats and increased cloud complexity are among the top new threats facing security teams in 2023, according to Forrester's Top Cybersecurity Threats In 2023 report.
In the latest weekly update, ISMG editors discuss how cyber risk is becoming more closely tied to the economic health of nations, why a rural U.S. healthcare provider is closing due in part to ransomware attack woes, and why some cybersecurity companies have laid off staff this month.
Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. This week, Atomic Wallet, FPG, Sturdy Finance and Hashflow suffered hacks involving millions of dollars, hackers phished followers of popular Twitter accounts and an Australian bank wanted to limit crypto use.
This week, the list of MOVEit victims grew and now includes the U.S. government. Also, CISA and its global peers crowned LockBit the world's top ransomware threat, North Korean hackers copied a popular South Korean web portal, and an impersonation campaign used SEO techniques to target top brands.
Federal officials charged a Russian national with carrying out at least four LockBit attacks against businesses in the United States, Asia, Europe and Africa. The Justice Department said Ruslan Magomedovich Astamirov, 20, of Chechnya, deployed ransomware between August 2020 and March 2023.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.