Expel has released its latest quarterly threat report, which looks at continued identity-based attacks and the impact of MFA fatigue. Jon Hencinski shares insights on attack trends, gaps in compensating controls and what to look for in pre-ransomware activity.
Posing as leading banks, the North Korea-backed BlueNoroff group is evading Microsoft Windows' Mark of the Web security measure to help infect machines with malware. Hackers are refining their techniques for bypassing MOTW, which warns users when they try to open a file downloaded from the internet.
ChatGPT, an AI-based chatbot that specializes in dialogue, is raising concern among security professionals about how criminals could use cheap, accessible natural language AI to write convincing phishing emails and pull off nefarious deepfake scams. Peter Cassidy discusses the implications.
Everyone knows why criminals rob banks. But since most robbers are operating remotely, which tactics are cybercriminals actually employing and how often are they successful? Too often, it seems, thanks to phishing attacks, money laundering, ATM skimmers, malware and more.
The attack earlier this year that compromised systems and data at LastPass is more extensive than the password management software provider previously revealed. LastPass says the attacker downloaded from the cloud backups of multiple users' encrypted password vaults, as well as unencrypted URLs.
Cloud email security: It involves new strategies and tools to defend against a new wave of attacks. Arun Singh of Abnormal Security discusses the latest flavor of email attacks and the new Knowledge Bases created to help enterprises increase their education and defensive capabilities.
The losses from phishing and other forms of sophisticated email fraud in 2021 alone totaled over $44 million, and the volume of phishing and email spoofing attacks doubled in 2021. Many malicious data breaches are caused by stolen credentials rather than the installation of malware. In fact, IBM found that in 2021,...
Security researchers at Palo Alto Networks say they identified an attempted hack on a large petroleum refining company based inside a NATO member that came from a threat actor known as Gamaredon and Trident Ursa. The Ukrainian government traces the group to a Russian FSB.
A phishing campaign against users of a Ukrainian battlefield awareness tool masqueraded as an email from a Ministry of Defense employee telling the users to update their digital certificates, says the Ukrainian Computer Emergency Response Team. The tool, dubbed Delta, is a digital map.
The email attack vector. It may not earn much discussion, but the adversaries take full advantage of it with phishing, BEC and now email platform attacks. Mike Britton, CISO of Abnormal Security, talks about the latest threat trends and how to detect and defend against them.
Anything that can write a software code can also write malware. The latest AI technology can do it in seconds. Even worse, it could open the door to rapid innovation for hackers with little or no technical skills or help them overcome language barriers to writing the perfect phishing email.
Australian telecommunications provider Telstra apologized for accidentally publishing names, numbers and addresses of over 130,000 customers whose details were supposed to be unlisted. The company apologized for the error and blamed a "misalignment of databases."
Hosted services company Rackspace is warning customers about the increasing risk of phishing attacks following a ransomware attack causing ongoing outages to its hosted Exchange environment. The Texas-based firm also is now facing a class action lawsuit.
Ransomware gangs rely on shotgun-style attacks using phishing or stolen remote access credentials to target individuals. This strategy snares less poorly prepared organizations, and that often means healthcare entities. Experts share insights on this plague on healthcare and what to do about it.
Especially for healthcare organizations, repelling ransomware attacks hinges on having robust monitoring and defenses in place to spot the signs of an unfolding attack and shut it down before crypto-locking malware gets unleashed, says Peter Mackenzie, director of incident response at Sophos.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
