The operators behind the banking Trojan SharkBot are targeting Google Play users to spread its malware masquerading as Android file manager apps that already have tens of thousands of installations, according to researchers from Bitdefender.
In the latest weekly update, Information Security Media Group Editors discuss current cybersecurity and privacy issues, including advice on strengthening off-hours defenses during the holiday season, emerging cybercrime trends in 2022, and Palo Alto's first big M&A since early 2021.
A cyberattack on a Canadian teachers’ union gave thieves access to sensitive data of more than 60,000 members The union is yet to disclose the exact number of affected individuals, but stated that both former and current members are impacted.
A hacking-for-hire group dubbed "Bahamut" is distributing malicious apps through a fake SecureVPN website that enables Android apps to be downloaded from Google Play. Research found that hackers use malicious versions of SoftVPN, SecureVPN and OpenVPN software.
India’s premier healthcare institute is reeling from the after-effects of a ransomware attack, the hospital said in a statement. All patient care services, the admission, discharge and transfer of patients will be conducted manually until the server is restored, in accordance with AIIMS’ Standard Operating...
As the U.S. celebrates Thanksgiving, let's give thanks for this cybercrime karma: For more than two years, law enforcement and security experts have been exploiting flaws in the crypto-locking malware to help victims decrypt their systems without paying a ransom.
The latest edition of the ISMG Security Report discusses how the profits of ransomware group Zeppelin have been smashed by security researchers, FTX again highlighting the risks of trading cryptocurrencies, and vendor Extrahop's newly appointed, high-profile president.
Security firm Group-IB has identified 34 hacking groups that are now selling a stealer-as-a-service model to spread infostealer malware and steal credentials from online gaming and payment accounts. The company advises organizations to be on the lookout for Raccoon and Redline infostealers.
Malware activity has increased 28% since last year, and botnet and exploit activity are up over 100%, according to CyberTheory's 2022 Third Quarter Review. CyberTheory Director Steve King says "a new approach to cybersecurity defense" is needed to fight today's cybercrime.
Human Security has gone back to the M&A well once again, scooping up a Baltimore startup to prevent adversaries from surreptitiously embedding malware into digital advertisements. The acquisition of Clean.io will help Human take on malvertising, which has become a prolific way to spread botnets.
Threat actors are using Internet Information Services - Microsoft's extensible web server software - to deliver a previously undocumented dropper that is being used to install a new backdoor and other tools. The group dubbed Cranefly uses a new backdoor called Danfuan, researchers say.
Cybercriminals are out there, watching and waiting for the perfect opportunity. They are gathering information about your organization and users, devising the perfect plan to infiltrate your defenses.
But with a strategic approach to cyber defense you can hack the hacker before they strike! In this session, we'll...
Every organization has employees distributed across multiple locations, such as headquarters and branch offices. With the Covid-19 pandemic, remote working from home has become a norm. Wherever they are, a company’s staff will need to access IT services, applications and data that are also spread out over a number...
Researchers uncovered a never-before-seen advanced threat actor dubbed Metador targeting telecommunications, internet service providers and universities in several countries in the Middle East and Africa for cyberespionage. They found two different Windows-based malware platforms.
The LockBit group has paid the first payment of $50,000 as part of its bug bounty program for researchers willing to aid in cybercriminality. The group had announced that it will pay individuals who find exploitable vulnerabilities in the software it uses to maliciously encrypt files.