As senior correspondent for Information Security Media Group's global news desk, Ishita covers news worldwide. She previously worked at Thomson Reuters, where she specialized in reporting breaking news stories on a variety of topics.
The operators behind the Valak malware strain have expanded their malicious campaigns to other parts of the world, targeting financial, manufacturing, healthcare and insurance firms, according to Cisco Talos. Attackers are now using existing email threads and ZIP files to spread the information stealer.
Fraudsters are using a revamped version of the Alina Trojan to target Windows-based POS devices to steal payment card data, according to Century Link's Black Lotus Labs. The malware operators are using unsecured DNS protocols to exfiltrate the data.
The U.S. Federal Communications Commission has officially designated China's Huawei Technologies and ZTE Corp. as "national security threats," barring American telecommunications firms from using certain federal funds to buy their equipment, such as for building 5G networks.
A Russian national charged in connection with co-creating the Infraud Organization's online cybercrime forum that sold stolen payment card data and was tied to $530 million in fraud losses has pleaded guilty.
A hacking group dubbed CryptoCore has stolen more than $200 million in virtual currency from several cryptocurrency exchanges over the past two years, the security firm ClearSky Cyber Security reports.
Police have confiscated $90 million from a company allegedly owned by Alexander Vinnik, who is accused of money laundering and defrauding individuals through BTC-e, a cryptocurrency exchange he controlled.
The surge in phishing campaigns and other types of fraud using COVID-19 themes has diminished in recent weeks, according to the Microsoft Threat Protection Intelligence Team, which asserts in a new report that such campaigns were never a dominant threat.
The notorious Qbot banking Trojan is making a comeback with new features and capabilities that enable it to more effectively steal victims' financial data and credentials, according to cybersecurity researchers at F5 Labs.
Cybercriminals are continuing to take advantage of unsecured Amazon S3 buckets, with RiskIQ researchers recently finding card skimming code and redirects to a long-running malvertising campaign infecting several websites.
Japanese auto giant Honda has confirmed that it sustained a hack attack earlier this week that has affected production operations at several of its global facilities, including plants in the U.S., Japan, Turkey and Italy. Security researchers suspect ransomware is the likely culprit.
An ongoing phishing campaign has targeted top officials at a German multinational company tasked with procuring personal protective equipment during the COVID-19 pandemic, according to IBM. While it's not clear if these attacks were successful, they contain the hallmarks of a nation-state group.
The COVID-19 pandemic has created a new series of cybersecurity challenges for election officials across the U.S., including concerns about the security of mail-in ballots and vulnerable networks for local election workers still working from home, according to a new report.