Five U.S. government agencies have been hit so far via a sophisticated supply chain attack. The intrusions appear linked to subverted software updates for SolarWinds' Orion network monitoring product, which is widely used by businesses and the U.S. government.
lackBerry researchers are tracking a relatively new ransomware variant called "MountLocker" and the operators behind it, who are using affiliate cybercriminal gangs to help spread the malware, exfiltrate data and extort victims, sometimes for millions of dollars.
Hackers are targeting thousands of vulnerable MySQL servers around the world, using ransomware to exfiltrate data from organizations and then demanding payment, according to Guardicore Labs. The attackers are also selling access to over 250,000 stolen databases.
Microsoft security researchers are tracking a browser modifier dubbed Adrozek that is installed on an individual device and can modify four widely used browsers - Edge, Chrome, Yandex and Firefox - to inject ads into their search results.
CISA is warning that local K-12 school districts are increasingly under assault by cyberthreats targeting vulnerable networks that are disrupting physical and virtual education throughout the U.S. The top security problems include ransomware, Trojans and other malware as well as DDoS attacks.
How could technology now in development potentially help fight against money laundering schemes that leverage the cryptocurrency Monero, which cybercriminals value for its privacy attributes? David Jevans of CipherTrace describes efforts to earn patents on fraud-fighting tech.
A 4GB data archive belonging to Panasonic India has been released by a hacker who waged an extortion plot. The company says no highly confidential data was revealed, but a look at the data suggests otherwise.
Fraud explodes in tough times, and do times come any tougher than they have with COVID-19? In this latest Cybersecurity Leadership panel, CEOs and CISOs describe their efforts to spot and stop emerging fraud schemes involving synthetic IDs, social engineering and greater insider risks.
The U.S. Federal Communications Commission has upheld its designation of Chinese telecom company Huawei as a national security threat, rejecting the firm's appeal of the ruling. Meanwhile, it's starting proceedings that could revoke China Telecom's permission to provide communications services within the U.S.
The latest edition of the ISMG Security Report features an analysis of why the FireEye breach is a wake-up call for the cybersecurity industry. Also featured: Monero cryptocurrency scams; key considerations for cloud security.
Permanent Account Numbers and other personally identifiable information of 7 million debit and credit cardholders in India are circulating on darknet discussion forums, an independent security researcher has discovered.
The Monetary Authority of Singapore has given non-bank financial institutions access to e-payment platforms Fast and Secure Transfers and PayNow systems, despite security concerns.
One of those responsible for the massive Mirai-based DDoS attack launched in October 2016 that targeted domain name resolver Dyn and knocked Amazon, PayPal, Spotify, Twitter and others offline has pleaded guilty to federal charges.
A former Cisco engineer has been sentenced to serve two years in federal prison after pleading guilty to charges that he hacked his former company, causing $1.4 million in damages.
2020 was the year of mass migration to multi-cloud environments, which paves the way for 2021 and a further explosion on microservices and severless cloud computing. Peter Klimek of Imperva discusses how cybercriminals are likely to respond - and how to anticipate them.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.